CVE-2023-24548

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-24548
On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089 Exploit Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:4.25.0f:*:*:*:*:*:*:*
OR cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-36s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3a-24d12:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3a-48d6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3a-72:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3a-36:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3a-54:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3ak-36:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3ak-54:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3am-36:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3am-54:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280sr3-40yc6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280tr3-40c6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3k-48y4d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-36d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36dm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36pm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3ak-36dm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3ak-36pm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-36dm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-48cqms:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-72y7512r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*
History

05 Sep 2023, 18:52

Type Values Removed Values Added
CPE cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3am-54:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7504r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-48cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280tr3-40c6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3ak-36pm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3a-24d12:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-36dm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3a-48d6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3a-54:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3ak-54:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-36p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-36s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36pm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7508r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-48cqms:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280sr3-40yc6:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7512r3:-:*:*:*:*:*:*:*
cpe:2.3:o:arista:eos:4.25.0f:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280cr3a-72:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3ak-36:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3a-36:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3ak-36dm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-48cq:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3-36d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7280dr3am-36:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3a-36dm:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7500r3k-48y4d:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7800r3k-72y7512r3:-:*:*:*:*:*:*:*
First Time Arista 7280sr3-40yc6
Arista 7800r3k-48cqms
Arista 7500r3-36cq
Arista 7800r3a-36pm
Arista 7800r3k-36dm
Arista 7500r3-24d
Arista
Arista eos
Arista 7504r3
Arista 7800r3-36p
Arista 7816r3
Arista 7280r3
Arista 7280dr3-24
Arista 7280sr3-48yc8
Arista 7280dr3a-54
Arista 7500r3-24p
Arista 7800r3k-72y7512r3
Arista 7280dr3ak-54
Arista 7812r3
Arista 7280cr3-96
Arista 7800r3k-48cq
Arista 7280pr3-24
Arista 7280cr3-36s
Arista 7800r3-36d
Arista 7800r3a-36dm
Arista 7280cr3a-72
Arista 7280dr3am-54
Arista 7800r3ak-36dm
Arista 7800r3a-36p
Arista 7508r3
Arista 7280dr3a-36
Arista 7280dr3am-36
Arista 7500r3k-36cq
Arista 7280cr3-32p4
Arista 7280cr3a-48d6
Arista 7280dr3ak-36
Arista 7800r3ak-36pm
Arista 7280cr3-32d4
Arista 7280cr3a-24d12
Arista 7800r3a-36d
Arista 7500r3k-48y4d
Arista 7808r3
Arista 7800r3-48cq
Arista 7512r3
Arista 7280tr3-40c6
References (MISC) https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089 - (MISC) https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089 - Exploit, Vendor Advisory
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5
CWE CWE-120

29 Aug 2023, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2023-08-29 17:15

Updated : 2023-12-10 15:14

NVD link : CVE-2023-24548

Mitre link : CVE-2023-24548

CVE.ORG link : CVE-2023-24548

JSON object : View

Products Affected

arista

  • 7280cr3a-24d12
  • 7280cr3-32d4
  • 7512r3
  • 7280cr3-96
  • 7508r3
  • 7280sr3-48yc8
  • 7800r3a-36d
  • 7280dr3ak-36
  • 7808r3
  • 7500r3-36cq
  • 7800r3k-48cq
  • 7800r3-36d
  • 7280dr3am-36
  • 7800r3k-48cqms
  • 7280dr3a-54
  • 7812r3
  • 7280cr3-36s
  • 7500r3-24p
  • 7280cr3a-48d6
  • 7500r3k-36cq
  • 7800r3-36p
  • 7280cr3-32p4
  • eos
  • 7280r3
  • 7800r3ak-36pm
  • 7280dr3a-36
  • 7500r3k-48y4d
  • 7800r3k-36dm
  • 7800r3a-36dm
  • 7280sr3-40yc6
  • 7280dr3-24
  • 7800r3-48cq
  • 7280cr3a-72
  • 7280dr3am-54
  • 7504r3
  • 7800r3ak-36dm
  • 7280pr3-24
  • 7800r3a-36p
  • 7280dr3ak-54
  • 7800r3k-72y7512r3
  • 7800r3a-36pm
  • 7816r3
  • 7280tr3-40c6
  • 7500r3-24d
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')