Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2015-8236

Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.

Published

2015-11-19T11:59:03.000

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-264

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	arista	eos	≤ 4.11.11	Yes
Operating System	arista	eos	4.12.5.2	Yes
Operating System	arista	eos	4.12.6.1	Yes
Operating System	arista	eos	4.12.7.1	Yes
Operating System	arista	eos	4.12.8	Yes
Operating System	arista	eos	4.12.8.1	Yes
Operating System	arista	eos	4.12.9	Yes
Operating System	arista	eos	4.12.10	Yes
Operating System	arista	eos	4.13.1.1f	Yes
Operating System	arista	eos	4.13.2.1f	Yes
Operating System	arista	eos	4.13.3.1f	Yes
Operating System	arista	eos	4.13.4.1f	Yes
Operating System	arista	eos	4.13.5	Yes
Operating System	arista	eos	4.13.5.1f	Yes
Operating System	arista	eos	4.13.6	Yes
Operating System	arista	eos	4.13.7.2m	Yes
Operating System	arista	eos	4.13.7.3m	Yes
Operating System	arista	eos	4.13.7m	Yes
Operating System	arista	eos	4.13.8m	Yes
Operating System	arista	eos	4.13.9.1m	Yes
Operating System	arista	eos	4.13.9m	Yes
Operating System	arista	eos	4.13.10m	Yes
Operating System	arista	eos	4.13.11m	Yes
Operating System	arista	eos	4.13.12m	Yes
Operating System	arista	eos	4.13.13m	Yes
Operating System	arista	eos	4.14.0f	Yes
Operating System	arista	eos	4.14.1f	Yes
Operating System	arista	eos	4.14.2f	Yes
Operating System	arista	eos	4.14.3.1f	Yes
Operating System	arista	eos	4.14.3f	Yes
Operating System	arista	eos	4.14.4.1f	Yes
Operating System	arista	eos	4.14.4.2f	Yes
Operating System	arista	eos	4.14.4f	Yes
Operating System	arista	eos	4.14.5.1f-ssu	Yes
Operating System	arista	eos	4.14.5f	Yes
Operating System	arista	eos	4.14.5fx	Yes
Operating System	arista	eos	4.14.5fx.1	Yes
Operating System	arista	eos	4.14.5fx.2	Yes
Operating System	arista	eos	4.14.5fx.3	Yes
Operating System	arista	eos	4.14.5fx.4	Yes
Operating System	arista	eos	4.14.6f	Yes
Operating System	arista	eos	4.14.7.1f	Yes
Operating System	arista	eos	4.14.7f	Yes
Operating System	arista	eos	4.14.8.1f	Yes
Operating System	arista	eos	4.14.8f	Yes
Operating System	arista	eos	4.14.9	Yes
Operating System	arista	eos	4.15.0f	Yes
Operating System	arista	eos	4.15.0fx	Yes
Operating System	arista	eos	4.15.0fx1	Yes
Operating System	arista	eos	4.15.0fxa	Yes
Operating System	arista	eos	4.15.1f	Yes
Operating System	arista	eos	4.15.1fx-7060qx	Yes
Operating System	arista	eos	4.15.1fx-7060x	Yes
Operating System	arista	eos	4.15.1fxb	Yes
Operating System	arista	eos	4.15.2f	Yes

References

https://www.arista.com/support/advisories-notices/security-advisories/1221-security-advisory-15 Vendor Advisory ([email protected])
https://www.arista.com/support/advisories-notices/security-advisories/1221-security-advisory-15 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)