CVE-2020-24360

An issue with ARP packets in Aristas EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.4 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 28%
VendorProductVersion
aristaeos
4.22.0f ≤
𝑥
≤ 4.22.6m
aristaeos
4.23.0f ≤
𝑥
≤ 4.23.4m
aristaeos
4.24.0f ≤
𝑥
≤ 4.24.2.4f
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59
https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59