Known Vulnerabilities for products from Arista
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Arista".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Arista can be found at device.report : Arista
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-24548 json | On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel a... | 6.5 - MEDIUM | 2023-08-29 | 2023-09-05 |
| CVE-2023-24547 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-12-06 | 2023-12-11 |
| CVE-2023-24546 json | On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could e... | 8.1 - HIGH | 2023-06-13 | 2023-11-07 |
| CVE-2023-24545 json | On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial... | 7.5 - HIGH | 2023-04-12 | 2023-04-21 |
| CVE-2023-24513 json | On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial... | 7.5 - HIGH | 2023-04-12 | 2023-04-24 |
| CVE-2023-24512 json | On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a requ... | 6.5 - MEDIUM | 2023-04-25 | 2023-05-09 |
| CVE-2023-24511 json | On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmp... | 7.5 - HIGH | 2023-04-12 | 2023-04-21 |
| CVE-2023-24510 json | On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart. | 7.5 - HIGH | 2023-06-05 | 2023-06-20 |
| CVE-2023-24509 json | On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy pr... | 7.8 - HIGH | 2023-04-13 | 2023-04-25 |
| CVE-2023-3646 json | On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may tri... | 7.5 - HIGH | 2023-08-29 | 2023-09-05 |
| CVE-2022-29071 json | This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (C... | 5.5 - MEDIUM | 2022-08-05 | 2023-07-21 |
| CVE-2021-28511 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2022-08-05 | 2022-08-15 |
| CVE-2021-28510 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-01-26 | 2023-06-30 |
| CVE-2021-28509 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-05-26 | 2022-06-09 |
| CVE-2021-28508 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.1 - MEDIUM | 2022-05-26 | 2022-06-09 |
| CVE-2021-28507 json | An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfi... | 7.1 - HIGH | 2022-01-14 | 2022-07-14 |
| CVE-2021-28506 json | An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication... | 9.1 - CRITICAL | 2022-01-14 | 2022-07-14 |
| CVE-2021-28505 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-04-14 | 2022-04-26 |
| CVE-2021-28504 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-04-01 | 2022-04-12 |
| CVE-2021-28503 json | The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based aut... | 9.8 - CRITICAL | 2022-02-04 | 2022-08-02 |
Known software with vulnerabilities from Arista
| Type | Vendor | Product | Version |
|---|---|---|---|
| Hardware | Arista | 7010t-48 | - |
| Hardware | Arista | 7020r | - |
| Hardware | Arista | 7280e | - |
| Hardware | Arista | 7280r | - |
| Hardware | Arista | 7280r2 | - |
| Hardware | Arista | 7280r3 | - |
| Hardware | Arista | 7500e | - |
| Hardware | Arista | 7500r | - |
| Hardware | Arista | 7500r2 | - |
| Hardware | Arista | 7500r3 | - |
| Application | Arista | Cloudeos | 4.21.11m |
| Application | Arista | Cloudvision Exchange | - |
| Application | Arista | Cloudvision Portal | 2015.1.1 |
| Hardware | Arista | Dcs-7050s | - |
| Hardware | Arista | Dcs-7050sx | - |
| Hardware | Arista | Dcs-7050t | - |
| Operating System | Arista | Eos | 4.15 |
| Operating System | Arista | Extensible Operating System | - |
| Application | Arista | Veos | 4.21.11m |