CVE-2020-26569
Description
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train.
Risk Information
Base Score
5.9
MODERATE
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.389
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in eos 4.21.0f | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-24360 ,CVE-2020-26569 are affected in eos 4.23.1f | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-24360 ,CVE-2020-26569 are affected in eos 4.23.0f | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-24360 ,CVE-2020-26569 are affected in eos 4.22.3m | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.8m | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.8 | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-15898 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.3 | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-15898 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.2.4 | NCM |
| Vulnerabilities CVE-2019-18948 ,CVE-2020-15897 ,CVE-2020-15898 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.1f | NCM |
| Vulnerabilities CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-24360 ,CVE-2020-26569 are affected in eos 4.24.0f | NCM |
| Vulnerabilities CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-24360 ,CVE-2020-26569 are affected in eos 4.23.2f | NCM |
| Vulnerabilities CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-24360 ,CVE-2020-26569 are affected in eos 4.22.4m | NCM |
| Vulnerabilities CVE-2020-15897 ,CVE-2020-17355 ,CVE-2020-26569 are affected in eos 4.21.9m | NCM |
| Vulnerabilities CVE-2020-26569 are affected in eos 4.24.2f | NCM |
| Vulnerabilities CVE-2020-26569 are affected in eos 4.23.5m | NCM |
| Vulnerabilities CVE-2020-26569 are affected in eos 4.22.7m | NCM |
| Vulnerabilities CVE-2020-26569 are affected in eos 4.21.12m | NCM |
| CVE-2020-26569 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234