Описание
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.26.0 (включая) до 4.26.9m (исключая)Версия от 4.27.0 (включая) до 4.27.8m (исключая)Версия от 4.28.0 (включая) до 4.28.5m (исключая)Версия от 4.29.0 (включая) до 4.29.2f (исключая)
Одновременно
Одно из
cpe:2.3:a:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:a:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:a:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:a:arista:cloudeos:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:a:amazon:aws_marketplace:-:*:*:*:*:*:*:*
cpe:2.3:a:equinix:network_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:google:google_cloud_platform_marketplace:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:azure_marketplace:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:dca-200-veos:-:*:*:*:*:*:*:*
EPSS
Процентиль: 35%
0.00143
Низкий
6.5 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-126
CWE-125
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
EPSS
Процентиль: 35%
0.00143
Низкий
6.5 Medium
CVSS3
7.5 High
CVSS3
Дефекты
CWE-126
CWE-125