Vulnerabilities > CVE-2020-13100 - Unspecified vulnerability in Arista Cloudvision Exchange

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

arista

NVD

Published: 2020-10-26

Updated: 2020-11-02

Summary

Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet.

Vulnerable Configurations

Part	Description	Count
Application	Arista Arista Cloudvision Exchange *	1

References

https://www.arista.com/en/support/advisories-notices/security-advisories/11758-security-advisory-52