Vulnerabilities > Arista > EOS > 4.24.2f

DATE CVE VULNERABILITY TITLE RISK
2021-10-21 CVE-2021-28496 Insufficiently Protected Credentials vulnerability in Arista EOS
On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the device.
network
low complexity
arista CWE-522
6.5
6.5
2021-01-20 CVE-2020-25686 A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista
3.7
3.7
2021-01-20 CVE-2020-25685 Inadequate Encryption Strength vulnerability in multiple products
A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista CWE-326
3.7
3.7
2021-01-20 CVE-2020-25684 A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista
3.7
3.7
2020-12-28 CVE-2020-26569 Unspecified vulnerability in Arista EOS
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries.
network
high complexity
arista
5.9
5.9