{ "id": "CVE-2023-24548", "sourceIdentifier": "psirt@arista.com", "published": "2023-08-29T17:15:11.790", "lastModified": "2023-09-05T18:52:02.053", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.\n" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 2.8, "impactScore": 3.6 }, { "source": "psirt@arista.com", "type": "Secondary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 5.3, "baseSeverity": "MEDIUM" }, "exploitabilityScore": 1.6, "impactScore": 3.6 } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-120" } ] }, { "source": "psirt@arista.com", "type": "Secondary", "description": [ { "lang": "en", "value": "CWE-120" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.22.1f", "versionEndIncluding": "4.22.13m", "matchCriteriaId": "A9F1F226-FDB1-4452-B166-D08635DAEC5B" }, { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.23.0", "versionEndIncluding": "4.23.14m", "matchCriteriaId": "13BE6AE1-4649-4E0B-A4CA-2632CD400940" }, { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.24.0", "versionEndIncluding": "4.24.11m", "matchCriteriaId": "2909559A-6FB4-400C-A1AE-BF2B883F4964" }, { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:4.25.0f:*:*:*:*:*:*:*", "matchCriteriaId": "37536357-7701-48BE-9751-9BADD8E4AAAF" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*", "matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3-36s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A3B9CB1B-730E-45C9-A0B1-3C2F4A72A159" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3a-24d12:-:*:*:*:*:*:*:*", "matchCriteriaId": "43B967ED-2212-4558-A9AC-ACA94C94FD39" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3a-48d6:-:*:*:*:*:*:*:*", "matchCriteriaId": "CD7877C6-9DE4-4952-94D2-3A456D02CF1A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280cr3a-72:-:*:*:*:*:*:*:*", "matchCriteriaId": "2FD635FB-5EA8-4B02-894C-4C016090AAB3" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3a-36:-:*:*:*:*:*:*:*", "matchCriteriaId": "DC1F6DBC-212F-4E0B-B039-06955322B0D7" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3a-54:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC474A71-8D2F-4138-9D65-E2F86B0B62DC" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3ak-36:-:*:*:*:*:*:*:*", "matchCriteriaId": "1943057A-5776-4B20-97C7-03CE14AEA367" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3ak-54:-:*:*:*:*:*:*:*", "matchCriteriaId": "1AE86A14-76ED-4427-94CC-7BF335BB9369" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3am-36:-:*:*:*:*:*:*:*", "matchCriteriaId": "986DCBF4-E4FB-41EE-BD1B-D62A4EC7237E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280dr3am-54:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EA04EA0-170A-4B79-96B8-8F09D6FFC261" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "60FC964C-9835-443A-A584-3A5D6022E914" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280sr3-40yc6:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4B5A8D4-43BA-4591-BE00-00031D4BDBE3" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7280tr3-40c6:-:*:*:*:*:*:*:*", "matchCriteriaId": "939772F0-4352-46C1-B6D5-38FA12EBF6E1" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7500r3k-48y4d:-:*:*:*:*:*:*:*", "matchCriteriaId": "FCDF5089-5914-4B4F-A2E6-0EB2B40698A5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "8387CCEA-F00C-4F1F-B966-ACF8B16F1D22" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "55AE2A1C-A4FD-423B-A77E-2E24C2310A6A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4B0D708-B426-4CA1-BE87-08BD14B7EACE" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3-36d:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E49B089-AE52-4B47-A3B4-547D10ACED9A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*", "matchCriteriaId": "D19E86BF-AA91-4262-8EF9-B7FC48C6F3F8" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "58443CDE-33D8-4460-A861-CDC07431AA22" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3a-36d:-:*:*:*:*:*:*:*", "matchCriteriaId": "26FDC60C-860F-40BD-AF13-54712B56C87F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3a-36dm:-:*:*:*:*:*:*:*", "matchCriteriaId": "70658CB0-D114-40E5-866D-B21875FFF93C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3a-36p:-:*:*:*:*:*:*:*", "matchCriteriaId": "E6BBA281-F67E-4D13-BDCD-E1164912EC8C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3a-36pm:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3B0C0EE-3C5E-4E3E-9BAE-9D5D06A98CAB" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3ak-36dm:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABAC894C-D39E-4BB2-A968-E2F23C299A29" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3ak-36pm:-:*:*:*:*:*:*:*", "matchCriteriaId": "D2C6E3F9-0191-4BC5-A89C-58BF13C195B6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3k-36dm:-:*:*:*:*:*:*:*", "matchCriteriaId": "C0B813A1-8BD1-4AFA-95A3-5947A918E9AF" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "64BE8C68-FE98-4162-A3D3-54494D5444F5" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3k-48cqms:-:*:*:*:*:*:*:*", "matchCriteriaId": "9615121C-4EC0-44F5-8C00-E70271CC04A2" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7800r3k-72y7512r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "185E4E68-D5EF-4B7B-B1EF-7EF1B00F118C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595" } ] } ] } ], "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089", "source": "psirt@arista.com", "tags": [ "Exploit", "Vendor Advisory" ] } ] }