Vulnerabilities > CVE-2020-11622 - Unspecified vulnerability in Arista Cloudeos and Veos

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

arista

NVD

Published: 2020-06-10

Updated: 2024-11-21

Summary

A vulnerability exists in Arista’s Cloud EOS VM / vEOS 4.23.2M and below releases in the 4.23.x train, 4.22.4M and below releases in the 4.22.x train, 4.21.3M to 4.21.9M releases in the 4.21.x train, 4.21.3FX-7368.*, 4.21.4-FCRFX.*, 4.21.4.1, 4.21.7.1, 4.22.2.0.1, 4.22.2.2.1, 4.22.3.1, and 4.23.2.1 Router code in a scenario where TCP MSS options are configured.

Vulnerable Configurations

Part	Description	Count
Application	Arista Arista Veos 4.22.0 Arista Veos 4.22.2.0.1 Arista Veos 4.22.2.2.1 Arista Veos 4.22.3.1 Arista Veos 4.22.4M Arista Veos 4.23.0 Arista Veos 4.23.2.1 Arista Veos 4.23.2M Arista Veos 4.21.3M Arista Veos 4.21.4-Fcrfx Arista Veos 4.21.4.1 Arista Veos 4.21.7.1 Arista Veos 4.21.9M Arista Veos 4.21.3Fx-7368 Arista Cloudeos 4.21.4-Fcrfx Arista Cloudeos 4.21.4.1 Arista Cloudeos 4.21.7.1 Arista Cloudeos 4.22.2.0.1 Arista Cloudeos 4.22.2.2.1 Arista Cloudeos 4.22.3.1 Arista Cloudeos 4.23.2.1 Arista Cloudeos 4.21.3Fx-7368 Arista Cloudeos 4.22.0 Arista Cloudeos 4.22.4M Arista Cloudeos 4.23.0 Arista Cloudeos 4.23.2M Arista Cloudeos 4.21.3M Arista Cloudeos 4.21.9M	28

Summary

Vulnerable Configurations

References