Security Advisories

 

Arista Networks is committed to maintaining the highest standards of security across our product portfolio. Leveraging extensive testing and monitoring of vulnerabilities to isolate and neutralize threats early, Arista's Product Security Incident Response Team (PSIRT) provides global coverage for public reporting of possible security vulnerabilities across the product portfolio.

The PSIRT team monitors industry-wide vulnerability reporting as well as providing a single point of contact for customers and interested third parties to investigate and identify potential threats. The PSIRT team also works to communicate these issues back to the user community in a timely manner.

Arista's approach to vulnerability management and links to best practice guidelines can be found here.

For technical assistance with workarounds and hotfix installations recommended in security advisories, please contact the Arista Support team at このメールアドレスはスパムボットから保護されています。閲覧するにはJavaScriptを有効にする必要があります。.

Report security vulnerabilities found in Arista products to the PSIRT team via このメールアドレスはスパムボットから保護されています。閲覧するにはJavaScriptを有効にする必要があります。. It is recommended to use Arista's PGP key for secure and private communication directly with the PSIRT team.

Arista PSIRT is happy to work with researchers on discovered vulnerabilities in Arista products, the assignment of CVEs, and timelines for responsible disclosure. If a researcher discovers a new vulnerability they will be acknowledged in the advisory related to the vulnerability. Arista PSIRT is interested in receiving reports on issues affecting features in both Arista code as well as Open Source Software used in Arista products. Security issues found in Open Source Software which do not affect Arista products are out of the scope of Arista and should be referred to the appropriate CNA found here.

 

PSIRT Advisories

The following advisories and referenced materials are provided on an "as is" basis for use at your own risk. Arista Networks reserves the right to change or update the advisories without notice at any time.

Security Advisory 0108

On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing (PBR), BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action and be slow-path forwarded (FIB routed) by the kernel as the packets are trapped to the CPU instead of following the redirect action's destination.

The CVE-ID tracking this issue: CVE-2024-6437

Security Advisory 0107

On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well. This was discovered internally by Arista and we are not aware of any malicious uses of this issue in customer networks.

The CVE-ID tracking this issue: CVE-2024-7095

Security Advisory 0106

On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc. This issue was discovered internally and Arista is not aware of any malicious uses of this issue in customer networks.

The CVE-ID tracking this issue: CVE-2024-5872

Security Advisory 0105

Multiple vulnerabilities exist for the Arista Edge Threat Management - Arista NG Firewall (NGFW)

The CVE-IDs tracking this issue: CVE-2024-9131, CVE-2024-9132, CVE-2024-9133, CVE-2024-9134, CVE-2024-47517, CVE-2024-47518, CVE-2024-47519, CVE-2024-47520, CVE-2024-9188

Security Advisory 0104

On Arista CloudVision Appliance (CVA) affected releases running on appliances that support hardware disk encryption (DCA-350E-CV only), the disk encryption might not be successfully performed. This results in the disks remaining unsecured and data on them being readable without the passphrase. This vulnerability allows local attackers to remove the unencrypted disk from the affected system, then attach to a different system, and access its data.

The CVE-ID tracking this issue: CVE-2024-7142

Security Advisory 0103

In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN. This issue was discovered internally and Arista is not aware of any malicious uses of this issue in customer networks.

This vulnerability is being tracked by BUG 828435

Security Advisory 0102

On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied.

The CVE-ID tracking this issue: CVE-2024-27891

Security Advisory 0101

Arista Networks is providing this security update in response to the following publicly disclosed security vulnerability related to the RADIUS protocol. This vulnerability is a result of a design flaw in the RADIUS protocol. It allows a skilled attacker who can read and modify RADIUS packets in the network to forge responses from the RADIUS server to the client. In this way the attacker can cause any user to be authenticated and can give almost any authorization to any user. RADIUS over TLS (RadSec) resolves this vulnerability.

The CVE-ID tracking this issue: CVE-2024-3596

Security Advisory 0100

Arista Networks is providing this security update in response to the OpenSSH security vulnerability CVE-2024-6387, named regreSSHion.

The vulnerability involves a signal handler race condition that can lead to a potential unauthenticated remote code execution in OpenSSH’s server (sshd) in glibc-based Linux systems that grants full root access. It affects the default configuration and does not require user interaction, posing a significant exploit risk.

Security Advisory 0099

For both CVE-2024-27892 and CVE-2024-27890, affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch. These issues are similar types of authorization issues and are being released together due to their similarity.

This issue was discovered internally and Arista is not aware of any malicious uses of this issue in customer networks.