Описание
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.26.0 (включая) до 4.26.9m (исключая)Версия от 4.27.0 (включая) до 4.27.8m (исключая)Версия от 4.28.0 (включая) до 4.28.5m (исключая)Версия от 4.29.0 (включая) до 4.29.2f (исключая)
Одновременно
Одно из
cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:dca-200-veos:-:*:*:*:*:*:*:*
EPSS
Процентиль: 52%
0.00291
Низкий
7.5 High
CVSS3
Дефекты
CWE-400
CWE-400
Связанные уязвимости
CVSS3: 7.5
github
почти 3 года назад
On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.
EPSS
Процентиль: 52%
0.00291
Низкий
7.5 High
CVSS3
Дефекты
CWE-400
CWE-400