Vulnerabilities > Arista

DATE CVE VULNERABILITY TITLE RISK
2021-05-11 CVE-2020-26146 Improper Input Validation vulnerability in multiple products
An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices.
high complexity
samsung arista siemens CWE-20
5.3
2021-05-11 CVE-2020-26147 An issue was discovered in the Linux kernel 5.8.9.
high complexity
linux debian arista siemens
5.4
2021-01-20 CVE-2020-25686 A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista
3.7
2021-01-20 CVE-2020-25685 Inadequate Encryption Strength vulnerability in multiple products
A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista CWE-326
3.7
2021-01-20 CVE-2020-25684 A flaw was found in dnsmasq before version 2.83.
network
high complexity
thekelleys fedoraproject debian arista
3.7
2020-12-28 CVE-2020-24360 Improper Resource Shutdown or Release vulnerability in Arista EOS
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload.
low complexity
arista CWE-404
7.4
2020-12-28 CVE-2020-15898 Unspecified vulnerability in Arista EOS
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction.
network
low complexity
arista
5.3
2020-12-28 CVE-2020-26569 Unspecified vulnerability in Arista EOS
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries.
network
high complexity
arista
5.9
2020-10-26 CVE-2020-15897 Unspecified vulnerability in Arista EOS
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.
network
low complexity
arista
7.5
2020-10-26 CVE-2020-13100 Unspecified vulnerability in Arista Cloudvision Exchange
Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet.
network
low complexity
arista
7.5