{ "id": "CVE-2020-26569", "sourceIdentifier": "cve@mitre.org", "published": "2020-12-28T16:15:12.870", "lastModified": "2024-11-21T05:20:06.097", "vulnStatus": "Modified", "cveTags": [], "descriptions": [ { "lang": "en", "value": "In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train." }, { "lang": "es", "value": "En unas configuraciones EVPN VxLAN en Arista EOS, los paquetes malformados espec\u00edficos pueden conllevar a enlaces incorrectos de MAC a IP y, como resultado, los paquetes pueden ser reenviados incorrectamente a trav\u00e9s de los l\u00edmites de la VLAN. Esto puede causar que el tr\u00e1fico se descarte en la VLAN receptora. Esto afecta a las versiones: 4.21.12M y versiones inferiores en el tren 4.21.x; 4.22.7M y versiones inferiores en el tren 4.22.x; 4.23.5M y versiones inferiores en el tren 4.23.x; 4.24.2F y versiones inferiores en el tren 4.24.x" } ], "metrics": { "cvssMetricV31": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.9, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH" }, "exploitabilityScore": 2.2, "impactScore": 3.6 } ], "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "baseScore": 4.3, "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL" }, "baseSeverity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.21.0f", "versionEndIncluding": "4.21.12m", "matchCriteriaId": "F78A5196-C732-490D-96C8-EECC3D1D5864" }, { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.22.0f", "versionEndIncluding": "4.22.7m", "matchCriteriaId": "EAE443F7-EDE6-421C-A898-4CC045C29344" }, { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.23.0f", "versionEndIncluding": "4.23.5m", "matchCriteriaId": "562677FC-A1E6-4C29-995F-7FB833869FBE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.24.0f", "versionEndIncluding": "4.24.2f", "matchCriteriaId": "B4BF634C-E2E7-4982-BCA2-56BCDC37495E" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CCF6152-815E-4B3C-AE4B-CA598BEBD020" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*", "matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*", "matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*", "matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*", "matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*", "matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*", "matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*", "matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*", "matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*", "matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "49BAE58E-F4B5-4C8F-9EEB-5A0F38A96F0C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*", "matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*", "matchCriteriaId": "78FE473B-CA6E-4E8D-8DBF-676B1ECBB185" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7308x3:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F1EF943-154C-4B5B-B803-E186FEA8C5A0" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8862F74-E399-41EE-A081-62D99A7C1755" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F16261D-639F-4CAB-BDA6-EF3F277E663C" }, { "vulnerable": false, "criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*", "matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C" } ] } ] } ], "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57", "source": "cve@mitre.org", "tags": [ "Exploit", "Vendor Advisory" ] }, { "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57", "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit", "Vendor Advisory" ] } ] }