CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14810

A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. Under race conditions, the LDP agent can establish an LDP session with a malicious peer potentially allowing the possibility of a Denial of Service (DoS) attack on route updates and in turn potentially leading to an Out of Memory (OOM) condition that is disruptive to traffic forwarding. Affected EOS versions include: 4.22 release train: 4.22.1F and earlier releases 4.21 release train: 4.21.0F - 4.21.2.3F, 4.21.3F - 4.21.7.1M 4.20 release train: 4.20.14M and earlier releases 4.19 release train: 4.19.12M and earlier releases End of support release trains (4.18 and 4.17)

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.4%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

Products affected by CVE-2019-14810

Arista » 7020r » Version: N/A

cpe:2.3:h:arista:7020r:-
Arista » 7280e » Version: N/A

cpe:2.3:h:arista:7280e:-
Arista » 7280r2 » Version: N/A

cpe:2.3:h:arista:7280r2:-
Arista » 7280r3 » Version: N/A

cpe:2.3:h:arista:7280r3:-
Arista » 7280r » Version: N/A

cpe:2.3:h:arista:7280r:-
Arista » 7500e » Version: N/A

cpe:2.3:h:arista:7500e:-
Arista » 7500r2 » Version: N/A

cpe:2.3:h:arista:7500r2:-
Arista » 7500r3 » Version: N/A

cpe:2.3:h:arista:7500r3:-
Arista » 7500r » Version: N/A

cpe:2.3:h:arista:7500r:-
Arista » Extensible Operating System » Version: 4.17

cpe:2.3:o:arista:extensible_operating_system:4.17
Arista » Extensible Operating System » Version: 4.18

cpe:2.3:o:arista:extensible_operating_system:4.18
Arista » Extensible Operating System » Version: 4.19

cpe:2.3:o:arista:extensible_operating_system:4.19
Arista » Extensible Operating System » Version: 4.19.12m

cpe:2.3:o:arista:extensible_operating_system:4.19.12m
Arista » Extensible Operating System » Version: 4.20

cpe:2.3:o:arista:extensible_operating_system:4.20
Arista » Extensible Operating System » Version: 4.20.14m

cpe:2.3:o:arista:extensible_operating_system:4.20.14m
Arista » Extensible Operating System » Version: 4.21.0f

cpe:2.3:o:arista:extensible_operating_system:4.21.0f
Arista » Extensible Operating System » Version: 4.21.2.3f

cpe:2.3:o:arista:extensible_operating_system:4.21.2.3f
Arista » Extensible Operating System » Version: 4.21.3f

cpe:2.3:o:arista:extensible_operating_system:4.21.3f
Arista » Extensible Operating System » Version: 4.21.7

cpe:2.3:o:arista:extensible_operating_system:4.21.7
Arista » Extensible Operating System » Version: 4.22.1f

cpe:2.3:o:arista:extensible_operating_system:4.22.1f

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-14810

Products

Pricing

Contact Us