CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-9448 – On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropp
https://notcve.org/view.php?id=CVE-2024-9448
08 May 2025 — On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations. • https://www.arista.com/en/support/advisories-notices/security-advisory/21121-security-advisory-0112 • CWE-1284: Improper Validation of Specified Quantity in Input •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0936 – On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly
https://notcve.org/view.php?id=CVE-2025-0936
07 May 2025 — On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc). • https://www.arista.com/en/support/advisories-notices/security-advisory/21394-security-advisory-0117 • CWE-256: Plaintext Storage of a Password •
CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-9135 – On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.
https://notcve.org/view.php?id=CVE-2024-9135
04 Mar 2025 — On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping. • https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-1260 – On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
https://notcve.org/view.php?id=CVE-2025-1260
04 Mar 2025 — On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch. On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch. • https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111 • CWE-284: Improper Access Control •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0CVE-2025-1259 – On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
https://notcve.org/view.php?id=CVE-2025-1259
04 Mar 2025 — On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available • https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 1CVE-2023-3646 – On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
https://notcve.org/view.php?id=CVE-2023-3646
29 Aug 2023 — On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload. • https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 47EXPL: 1CVE-2023-24548 – On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets
https://notcve.org/view.php?id=CVE-2023-24548
29 Aug 2023 — On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel and forwarded in hardware can cause egress ports to be unable to forward packets. The device will continue to be susceptible to the issue until remediation is in place. • https://www.arista.com/en/support/advisories-notices/security-advisory/18043-security-advisory-0089 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 101EXPL: 0CVE-2023-24510 – On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
https://notcve.org/view.php?id=CVE-2023-24510
05 Jun 2023 — On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart. • https://www.arista.com/en/support/advisories-notices/security-advisory/17445-security-advisory-0087 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 8.8EPSS: 0%CPEs: 113EXPL: 1CVE-2023-24512 – On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch.
https://notcve.org/view.php?id=CVE-2023-24512
25 Apr 2023 — On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to ... • https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086 • CWE-284: Improper Access Control CWE-863: Incorrect Authorization •
CVSS: 9.3EPSS: 0%CPEs: 26EXPL: 1CVE-2023-24509 – On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ...
https://notcve.org/view.php?id=CVE-2023-24509
13 Apr 2023 — On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability. • https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082 • CWE-269: Improper Privilege Management •