Vulnerability Details CVE-2019-18948
An issue was found in Arista EOS. Specific malformed ARP packets can impact the software forwarding of VxLAN packets. This issue is found in Arista’s EOS VxLAN code, which can allow attackers to crash the VxlanSwFwd agent. This affects EOS 4.21.8M and below releases in the 4.21.x train, 4.22.3M and below releases in the 4.22.x train, 4.23.1F and below releases in the 4.23.x train, and all releases in 4.15, 4.16, 4.17, 4.18, 4.19, 4.20 code train.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-18948
-
cpe:2.3:o:arista:eos:4.15
-
cpe:2.3:o:arista:eos:4.16
-
cpe:2.3:o:arista:eos:4.17
-
cpe:2.3:o:arista:eos:4.18
-
cpe:2.3:o:arista:eos:4.19
-
cpe:2.3:o:arista:eos:4.20
-
cpe:2.3:o:arista:eos:4.21.0
-
cpe:2.3:o:arista:eos:4.21.0f
-
cpe:2.3:o:arista:eos:4.21.1f
-
cpe:2.3:o:arista:eos:4.21.2.4
-
cpe:2.3:o:arista:eos:4.21.3
-
cpe:2.3:o:arista:eos:4.21.3f
-
cpe:2.3:o:arista:eos:4.21.4.1f
-
cpe:2.3:o:arista:eos:4.21.8
-
cpe:2.3:o:arista:eos:4.21.8m
-
cpe:2.3:o:arista:eos:4.22.0f
-
cpe:2.3:o:arista:eos:4.22.1f
-
cpe:2.3:o:arista:eos:4.22.3m
-
cpe:2.3:o:arista:eos:4.23.0f
-
cpe:2.3:o:arista:eos:4.23.1f