CVSS: 5.3EPSS: 0%CPEs: 6EXPL: 0CVE-2024-9135 – On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.
https://notcve.org/view.php?id=CVE-2024-9135
04 Mar 2025 — On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping. • https://www.arista.com/en/support/advisories-notices/security-advisory/21092-security-advisory-0110 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-1260 – On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
https://notcve.org/view.php?id=CVE-2025-1260
04 Mar 2025 — On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch. On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in unexpected configuration/operations being applied to the switch. • https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111 • CWE-284: Improper Access Control •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0CVE-2025-1259 – On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected.
https://notcve.org/view.php?id=CVE-2025-1259
04 Mar 2025 — On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available • https://www.arista.com/en/support/advisories-notices/security-advisory/21098-security-advisory-0111 • CWE-284: Improper Access Control •