Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-26569

In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train.

Published

2020-12-28T16:15:12.870

Last Modified

2024-11-21T05:20:06.097

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	arista	eos	≤ 4.21.12m	Yes
Operating System	arista	eos	≤ 4.22.7m	Yes
Operating System	arista	eos	≤ 4.23.5m	Yes
Operating System	arista	eos	≤ 4.24.2f	Yes
Hardware	arista	7010t-48	-	No
Hardware	arista	7050cx3-32s	-	No
Hardware	arista	7050cx3m-32s	-	No
Hardware	arista	7050qx-32s	-	No
Hardware	arista	7050qx2-32s	-	No
Hardware	arista	7050sx-128	-	No
Hardware	arista	7050sx-64	-	No
Hardware	arista	7050sx-72q	-	No
Hardware	arista	7050sx2-128	-	No
Hardware	arista	7050sx2-72q	-	No
Hardware	arista	7050sx3-48c8	-	No
Hardware	arista	7050sx3-48yc	-	No
Hardware	arista	7050sx3-48yc12	-	No
Hardware	arista	7050sx3-48yc8	-	No
Hardware	arista	7050sx3-96yc8	-	No
Hardware	arista	7050tx-48	-	No
Hardware	arista	7050tx-64	-	No
Hardware	arista	7050tx-72q	-	No
Hardware	arista	7050tx2-128	-	No
Hardware	arista	7050tx3-48c8	-	No
Hardware	arista	7060cx-32s	-	No
Hardware	arista	7060cx2-32s	-	No
Hardware	arista	7060dx4-32	-	No
Hardware	arista	7060px4-32	-	No
Hardware	arista	7060sx2-48yc6	-	No
Hardware	arista	720xp-24y6	-	No
Hardware	arista	720xp-24zy4	-	No
Hardware	arista	720xp-48y6	-	No
Hardware	arista	720xp-48zc2	-	No
Hardware	arista	720xp-96zc2	-	No
Hardware	arista	7250qx-64	-	No
Hardware	arista	7260cx	-	No
Hardware	arista	7260cx3	-	No
Hardware	arista	7260cx3-64	-	No
Hardware	arista	7260qx	-	No
Hardware	arista	7300x-32q	-	No
Hardware	arista	7300x-64s	-	No
Hardware	arista	7300x-64t	-	No
Hardware	arista	7300x3-32c	-	No
Hardware	arista	7300x3-48yc4	-	No
Hardware	arista	7304x3	-	No
Hardware	arista	7308x3	-	No
Hardware	arista	7320x-32c	-	No
Hardware	arista	7324x	-	No
Hardware	arista	7328x	-	No
Hardware	arista	7368x4	-	No

References

https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57 Exploit, Vendor Advisory ([email protected])
https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57 Exploit, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)