← Zuruck zu CVEs
CVE-2023-24511
MEDIUM5.3
Beschreibung
On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmpd process. This may result in the snmpd processing being terminated (causing SNMP requests to time out until snmpd is automatically restarted) and potential memory resource exhaustion for other processes on the switch. The vulnerability does not have any confidentiality or integrity impacts to the system.
CVE Details
CVSS v3.1 Bewertung5.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht4/12/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
arista:7010tarista:7010t-48arista:7010tx-48arista:7010tx-48-dcarista:7020sr-24c2arista:7020sr-32c2arista:7020tr-48arista:7020tra-48arista:7050cx3-32sarista:7050cx3m-32sarista:7050qx-32sarista:7050qx2-32sarista:7050sx-128arista:7050sx-64arista:7050sx-72qarista:7050sx2-128arista:7050sx2-72qarista:7050sx3-48c8arista:7050sx3-48ycarista:7050sx3-48yc12arista:7050sx3-48yc8arista:7050sx3-96yc8arista:7050tx-48arista:7050tx-64arista:7050tx-72qarista:7050tx2-128arista:7050tx3-48c8arista:7060cx-32sarista:7060cx2-32sarista:7060dx4-32arista:7060px4-32arista:7060sx2-48yc6arista:7150s-24arista:7150s-52arista:7150s-64arista:7150sc-24arista:7150sc-64arista:7160-32cqarista:7160-48tc6arista:7160-48yc6arista:7170-32carista:7170-32cdarista:7170-64carista:7170b-64carista:720df-48yarista:720dp-24sarista:720dp-48sarista:720dt-24sarista:720dt-48sarista:720dt-48yarista:720xp-24y6arista:720xp-24zy4arista:720xp-48y6arista:720xp-48zc2arista:720xp-96zc2arista:722xpm-48y4arista:722xpm-48zy8arista:7250qx-64arista:7260cxarista:7260cx3arista:7260cx3-64arista:7260qxarista:7260qx-64arista:7280cr2ak-30arista:7280cr2k-60arista:7280cr3-32d4arista:7280cr3-32p4arista:7280cr3-96arista:7280cr3k-32d4arista:7280cr3k-32p4arista:7280cr3k-96arista:7280dr3-24arista:7280dr3k-24arista:7280earista:7280pr3-24arista:7280pr3k-24arista:7280rarista:7280r2arista:7280r3arista:7280sr3-48yc8arista:7280sr3k-48yc8arista:7300x-32qarista:7300x-64sarista:7300x-64tarista:7300x3-32carista:7300x3-48yc4arista:7304arista:7308arista:7316arista:7320x-32carista:7368x4arista:7388x5arista:7500earista:7500rarista:7500r2arista:7500r3arista:7500r3-24darista:7500r3-24parista:7500r3-36cqarista:7500r3k-36cqarista:7800r3-36parista:7800r3-48cqarista:7800r3k-48cqarista:ccs-750x-48thparista:ccs-750x-48tparista:ccs-750x-48zparista:ccs-750x-48zxparista:ceos-labarista:cloudeosarista:eosarista:veos-lab
Schwachen (CWE)
CWE-401CWE-401
Referenzen
https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084(psirt@arista.com)
https://www.arista.com/en/support/advisories-notices/security-advisory/17239-security-advisory-0084(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.