On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
CVE-2023-24510

7.5HIGH

Key Information:

Vendor: Arista Networks
Status: Arista Eos
Vendor: CVE Published:; 5 June 2023

🔔 Create Arista Networks Vulnerability Alert

What is CVE-2023-24510?

A vulnerability exists in Arista's EOS that can be exploited through a malformed DHCP packet. This issue may lead to an unintended restart of the DHCP relay agent on affected systems. Network administrators should be aware of this vulnerability as it can cause disruptions in network services, potentially impacting communications and network reliability.

Affected Version(s)

Arista EOS 4.25.0F <= 4.25.10M

Arista EOS 4.26.0F <= 4.26.9M

Arista EOS 4.27.0F <= 4.27.9M

References

https://www.arista.com/en/support/advisories-notices/secu...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 5, 2023
Vulnerability Reserved
Jan 24, 2023