Every CVE whose affected-product data names Arista Eos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (46)
CVE-2015-8236 — CVSS 10.0 (critical): Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote…
CVE-2017-14491 — CVSS 9.8 (critical): Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code…
CVE-2020-10188 — CVSS 9.8 (critical): utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data…
CVE-2017-18017 — CVSS 9.8 (critical): The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote…
CVE-2015-5165 — CVSS 9.3 (critical): The C+ mode offload emulation in the RTL8139 network card device model in QEMU, as used in Xen 4.5.x and earlier, allows remote attackers…
CVE-2023-24509 — CVSS 9.3 (critical): On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol…
CVE-2021-28500 — CVSS 9.1 (critical): An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents…
CVE-2021-28506 — CVSS 9.1 (critical): An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and authentication which could…
CVE-2023-24512 — CVSS 8.8 (high): On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing…
CVE-2024-6387 — CVSS 8.1 (high): A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle…
CVE-2018-5254 — CVSS 7.5 (high): Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an…
CVE-2023-24510 — CVSS 7.5 (high): On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
CVE-2019-17596 — CVSS 7.5 (high): Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There…
CVE-2019-18948 — CVSS 7.5 (high): An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found…
CVE-2015-3209 — CVSS 7.5 (high): Heap-based buffer overflow in the PCNET controller in QEMU allows remote attackers to execute arbitrary code by sending a packet with…
CVE-2020-15897 — CVSS 7.5 (high): Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause…
CVE-2021-28505 — CVSS 7.5 (high): On affected Arista EOS platforms, if a VXLAN match rule exists in an IPv4 access-list that is applied to the ingress of an L2 or an L3…
CVE-2020-17355 — CVSS 7.5 (high): Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a…
CVE-2021-28504 — CVSS 7.5 (high): On Arista Strata family products which have “TCAM profile” feature enabled when Port IPv4 access-list has a rule which matches on…
CVE-2015-6855 — CVSS 7.5 (high): hw/ide/core.c in QEMU does not properly restrict the commands accepted by an ATAPI device, which allows guest users to cause a denial of…
CVE-2020-24360 — CVSS 7.4 (high): An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a…
CVE-2021-28503 — CVSS 7.4 (high): The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is…
CVE-2015-3214 — CVSS 6.9 (medium): The pit_ioport_read in i8254.c in the Linux kernel before 2.6.33 and QEMU before 2.3.1 does not distinguish between read lengths and write…
CVE-2021-28508 — CVSS 6.8 (medium): This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and…
CVE-2015-5745 — CVSS 6.5 (medium): Buffer overflow in the send_control_msg function in hw/char/virtio-serial-bus.c in QEMU before 2.4.0 allows guest users to cause a denial…
CVE-2015-5278 — CVSS 6.5 (medium): The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and…
CVE-2018-5255 — CVSS 6.5 (medium): The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before 4.20.2F allows remote attackers to cause a denial of service (agent…
CVE-2015-5239 — CVSS 6.5 (medium): Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a…
CVE-2021-28509 — CVSS 6.1 (medium): This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and…
CVE-2023-3646 — CVSS 5.9 (medium): On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel…
CVE-2020-26569 — CVSS 5.9 (medium): In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be…
CVE-2021-28511 — CVSS 5.8 (medium): This advisory documents the impact of an internally found vulnerability in Arista EOS for security ACL bypass. The impact of this…
CVE-2021-28496 — CVSS 5.7 (medium): On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for…
CVE-2021-28507 — CVSS 5.5 (medium): An issue has recently been discovered in Arista EOS where, under certain conditions, the service ACL configured for OpenConfig gNOI and…
CVE-2023-24548 — CVSS 5.3 (medium): On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded…
CVE-2020-15898 — CVSS 5.3 (medium): In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only…
CVE-2023-24511 — CVSS 5.3 (medium): On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process…
CVE-2021-28510 — CVSS 5.3 (medium): For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value…
CVE-2020-25686 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When receiving a query, dnsmasq does not check for an existing pending request for the…
CVE-2020-25684 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query()…
CVE-2020-25685 — CVSS 3.7 (low): A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query()…
CVE-2015-6815 — CVSS 3.5 (low): The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a…