CVE-2020-15898
Description
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional traffic (ex. TCP). This affects: EOS 7170 platforms version 4.21.4.1F and below releases in the 4.21.x train; EOS X-Series versions 4.21.11M and below releases in the 4.21.x train; 4.22.6M and below releases in the 4.22.x train; 4.23.4M and below releases in the 4.23.x train; 4.24.2.1F and below releases in the 4.24.x train.
Risk Information
Base Score
5.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.212
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in eos 4.21.0f | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-15898 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.3 | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-15898 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.2.4 | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-15898 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.1f | NCM |
| CVE-2020-15898 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234