On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision
References
Link | Resource |
---|---|
https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086 | Exploit Mitigation Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
09 May 2023, 16:02
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086 - Exploit, Mitigation, Vendor Advisory | |
CPE | cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:* cpe:2.3:a:arista:veos-lab:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:96lbs:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:* cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500e-48s-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500r-36q-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:* cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500r-48s2cq-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:* cpe:2.3:h:arista:48s6qd:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:32qd:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:48lbas:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:* cpe:2.3:a:arista:ceos-lab:*:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500e-12cm-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:48ehs:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500e-36q-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500e-6c2-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7358x4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:* cpe:2.3:h:arista:48lbs:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500r-36cq-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7260sx2:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500-12cq-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7010tx-48:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:* cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:* cpe:2.3:h:arista:dcs-7500e-72s-lc:-:*:*:*:*:*:*:* cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:* |
|
First Time |
Arista 7388x5
Arista 7250qx-64 Arista 7170-32c Arista cloudeos Arista 7050sx-72q Arista 48lbas Arista 7020sr-24c2 Arista 96lbs Arista 7280cr3k-96 Arista 7130-96s Arista 7010t-48 Arista 7060cx2-32s Arista 7150s-64 Arista 7260cx Arista 7170b-64c Arista 7500r3-24p Arista 7150s-52 Arista 7160-32cq Arista 7280cr3-32p4 Arista dcs-7500r-36cq-lc Arista 7500r3k-36cq Arista 7050cx3-32s Arista 7130-48g3s Arista 7160-48yc6 Arista 7280e Arista 7300x3-32c Arista 7260qx Arista 7280sr3k-48yc8 Arista dcs-7500e-72s-lc Arista dcs-7500-12cq-lc Arista 48lbs Arista 7280pr3k-24 Arista 720xp-24zy4 Arista 720dt-48s Arista 7300x-64t Arista 7280cr2k-60 Arista 7050sx2-128 Arista 7050cx3m-32s Arista 7050tx-48 Arista 7050tx-72q Arista 7170-32cd Arista 720xp-96zc2 Arista eos Arista 7020sr-32c2 Arista 7320x-32c Arista 7050sx-128 Arista 7050sx2-72q Arista 720xp-48y6 Arista 7280dr3-24 Arista 7368x4 Arista 7050sx3-96yc8 Arista 7150sc-24 Arista 7060sx2-48yc6 Arista 7050tx3-48c8 Arista dcs-7500e-36q-lc Arista 7050qx-32s Arista 7020tra-48 Arista dcs-7500e-12cm-lc Arista veos-lab Arista 7280cr3-32d4 Arista 7500r3-24d Arista 7804r3 Arista 32qd Arista 720dp-24s Arista 7300x-64s Arista Arista 720xp-48zc2 Arista 7060px4-32 Arista 720xp-24y6 Arista 7280dr3k-24 Arista 7050sx3-48yc8 Arista dcs-7500r-36q-lc Arista dcs-7500e-48s-lc Arista 720dp-48s Arista 7816r3 Arista 7050sx3-48yc12 Arista 7260cx3 Arista ceos-lab Arista 48ehs Arista 720dt-24s Arista 7060cx-32s Arista 7280cr3-96 Arista 7050tx-64 Arista 7160-48tc6 Arista 7050sx3-48yc Arista 7500r3-36cq Arista 720df-48y Arista 7812r3 Arista 7020tr-48 Arista 7280cr3k-32p4 Arista 48s6qd Arista 7300x-32q Arista 7050tx2-128 Arista 7060dx4-32 Arista 7050qx2-32s Arista dcs-7500r-48s2cq-lc Arista 7260sx2 Arista 7280pr3-24 Arista dcs-7010tx-48 Arista 7300x3-48yc4 Arista 7150sc-64 Arista 7170-64c Arista 7280cr3k-32d4 Arista 7280sr3-48yc8 Arista 7808r3 Arista 7130-16g3s Arista 7150s-24 Arista 7358x4 Arista dcs-7500e-6c2-lc Arista 7050sx3-48c8 Arista 7050sx-64 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | CWE-863 |
25 Apr 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-25 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-24512
Mitre link : CVE-2023-24512
CVE.ORG link : CVE-2023-24512
JSON object : View
Products Affected
arista
- 48lbas
- 7170-64c
- 7020sr-32c2
- 7050sx3-96yc8
- 7060dx4-32
- 7300x-64t
- 7160-32cq
- 7050sx2-72q
- dcs-7500e-6c2-lc
- 7020sr-24c2
- 7170-32c
- 7280cr3k-32d4
- 7280pr3-24
- 720xp-96zc2
- 7280dr3k-24
- 7170b-64c
- 7808r3
- 7050qx2-32s
- dcs-7500e-48s-lc
- 7050qx-32s
- 720xp-24zy4
- 7812r3
- 7260cx3
- 7050sx3-48yc12
- 7250qx-64
- 32qd
- 7050tx-48
- 7150s-64
- 7050tx-64
- 7280cr2k-60
- 7050sx3-48yc
- 7280cr3k-32p4
- 7500r3-24p
- 720dt-48s
- 7280e
- cloudeos
- 7050sx-72q
- 48ehs
- 7060cx-32s
- 7500r3k-36cq
- 7500r3-24d
- ceos-lab
- 7170-32cd
- 7050cx3m-32s
- 7050tx-72q
- 7060px4-32
- 7050sx3-48yc8
- 48lbs
- 7280cr3-32p4
- 7300x-32q
- 720xp-48zc2
- 7150s-52
- dcs-7500e-36q-lc
- 7260cx
- 7130-16g3s
- 7160-48tc6
- 7050sx-128
- 720xp-24y6
- 720xp-48y6
- 7388x5
- 7050sx3-48c8
- 7150sc-24
- 96lbs
- 7050cx3-32s
- 7320x-32c
- 7280cr3k-96
- 7010t-48
- dcs-7500r-36cq-lc
- 7816r3
- 720df-48y
- 7280sr3-48yc8
- dcs-7500e-72s-lc
- 720dp-48s
- 7150s-24
- 7020tra-48
- 7804r3
- 7050sx2-128
- 7260qx
- 48s6qd
- 7280sr3k-48yc8
- 7300x3-32c
- 7130-96s
- veos-lab
- 7050tx3-48c8
- dcs-7010tx-48
- 7150sc-64
- 7300x-64s
- 7300x3-48yc4
- 7160-48yc6
- 7130-48g3s
- 7060cx2-32s
- eos
- dcs-7500r-36q-lc
- 7280pr3k-24
- 720dp-24s
- 720dt-24s
- 7050tx2-128
- 7020tr-48
- 7260sx2
- 7280cr3-32d4
- dcs-7500-12cq-lc
- 7368x4
- 7280dr3-24
- 7500r3-36cq
- dcs-7500e-12cm-lc
- 7358x4
- dcs-7500r-48s2cq-lc
- 7050sx-64
- 7060sx2-48yc6
- 7280cr3-96