CVE-2020-24360 Information

Description

An issue with ARP packets in Arista’s EOS affecting the 7800R3 7500R3 and 7280R3 series of products may result in issues that cause a kernel crash followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.

CVSS Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Reference

https://www.arista.com/en/support/advisories-notices/security-advisories/11999-security-advisory-59

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

CHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.4