CVE-2020-26569

In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train.

CVSS v3.0 5.9 MEDIUM
CVSS v2.0 4.3 MEDIUM

5.9^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57	Exploit Vendor Advisory

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::

OR	cpe:2.3:h:arista:7010t-48:-:::::::*
	cpe:2.3:h:arista:7050cx3-32s:-:::::::*
	cpe:2.3:h:arista:7050cx3m-32s:-:::::::*
	cpe:2.3:h:arista:7050qx-32s:-:::::::*
	cpe:2.3:h:arista:7050qx2-32s:-:::::::*
	cpe:2.3:h:arista:7050sx-128:-:::::::*
	cpe:2.3:h:arista:7050sx-64:-:::::::*
	cpe:2.3:h:arista:7050sx-72q:-:::::::*
	cpe:2.3:h:arista:7050sx2-128:-:::::::*
	cpe:2.3:h:arista:7050sx2-72q:-:::::::*
	cpe:2.3:h:arista:7050sx3-48c8:-:::::::*
	cpe:2.3:h:arista:7260cx:-:::::::*
	cpe:2.3:h:arista:7260cx3:-:::::::*
	cpe:2.3:h:arista:7250qx-64:-:::::::*
	cpe:2.3:h:arista:720xp-96zc2:-:::::::*
	cpe:2.3:h:arista:720xp-48zc2:-:::::::*
	cpe:2.3:h:arista:720xp-24zy4:-:::::::*
	cpe:2.3:h:arista:720xp-48y6:-:::::::*
	cpe:2.3:h:arista:720xp-24y6:-:::::::*
	cpe:2.3:h:arista:7060px4-32:-:::::::*
	cpe:2.3:h:arista:7060dx4-32:-:::::::*
	cpe:2.3:h:arista:7060cx2-32s:-:::::::*
	cpe:2.3:h:arista:7060sx2-48yc6:-:::::::*
	cpe:2.3:h:arista:7060cx-32s:-:::::::*
	cpe:2.3:h:arista:7050tx-48:-:::::::*
	cpe:2.3:h:arista:7050tx-64:-:::::::*
	cpe:2.3:h:arista:7050tx-72q:-:::::::*
	cpe:2.3:h:arista:7050tx2-128:-:::::::*
	cpe:2.3:h:arista:7050sx3-96yc8:-:::::::*
	cpe:2.3:h:arista:7050sx3-48yc12:-:::::::*
	cpe:2.3:h:arista:7050sx3-48yc:-:::::::*
	cpe:2.3:h:arista:7050sx3-48yc8:-:::::::*
	cpe:2.3:h:arista:7050tx3-48c8:-:::::::*
	cpe:2.3:h:arista:7300x-32q:-:::::::*
	cpe:2.3:h:arista:7300x-64s:-:::::::*
	cpe:2.3:h:arista:7300x-64t:-:::::::*
	cpe:2.3:h:arista:7308x3:-:::::::*
	cpe:2.3:h:arista:7304x3:-:::::::*
	cpe:2.3:h:arista:7300x3-32c:-:::::::*
	cpe:2.3:h:arista:7300x3-48yc4:-:::::::*
	cpe:2.3:h:arista:7328x:-:::::::*
	cpe:2.3:h:arista:7324x:-:::::::*
	cpe:2.3:h:arista:7320x-32c:-:::::::*
	cpe:2.3:h:arista:7368x4:-:::::::*
	cpe:2.3:h:arista:7260qx:-:::::::*
	cpe:2.3:h:arista:7260cx3-64:-:::::::*

Information

Published : 2020-12-28 08:15

Updated : 2021-01-27 11:34

NVD link : CVE-2020-26569

Mitre link : CVE-2020-26569

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

arista

7060cx-32s
7050qx-32s
7050cx3-32s
7050sx3-48yc8
7050sx-72q
7060dx4-32
7304x3
7260cx
720xp-48zc2
7050sx2-128
7050sx2-72q
7060sx2-48yc6
720xp-96zc2
720xp-24zy4
7050cx3m-32s
720xp-24y6
7050sx3-48c8
7050sx3-96yc8
7050tx-72q
7260cx3
720xp-48y6
7328x
7010t-48
7050sx3-48yc12
7300x3-32c
7060px4-32
7300x-32q
7050qx2-32s
7050tx2-128
7050tx-64
7300x-64t
7050tx3-48c8
7368x4
7260qx
7050sx-128
7308x3
7324x
7300x-64s
7050sx-64
7320x-32c
7060cx2-32s
eos
7050tx-48
7260cx3-64
7250qx-64
7300x3-48yc4
7050sx3-48yc

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57", "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/11997-security-advisory-57", "tags": ["Exploit", "Vendor Advisory"], "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M and below releases in the 4.21.x train; 4.22.7M and below releases in the 4.22.x train; 4.23.5M and below releases in the 4.23.x train; 4.24.2F and below releases in the 4.24.x train."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-26569", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.2}}, "publishedDate": "2020-12-28T16:15Z", "configurations": {"nodes": [{"children": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.21.12m", "versionStartIncluding": "4.21.0f"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.22.7m", "versionStartIncluding": "4.22.0f"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.23.5m", "versionStartIncluding": "4.23.0f"}, {"cpe23Uri": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "4.24.2f", "versionStartIncluding": "4.24.0f"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7308x3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7304x3:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7328x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7324x:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}, {"cpe23Uri": "cpe:2.3:h:arista:7260cx3-64:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}]}], "operator": "AND", "cpe_match": []}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-01-27T19:34Z"}

5.9 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2020-26569

5.9^/10

4.3^/10

Attach tags to `CVE-2020-26569`