Vulnerability Details CVE-2020-13100
Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 70.9%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-13100
-
cpe:2.3:a:arista:cloudvision_exchange:4.21.10m
-
cpe:2.3:a:arista:cloudvision_exchange:4.21.5f
-
cpe:2.3:a:arista:cloudvision_exchange:4.22.0
-
cpe:2.3:a:arista:cloudvision_exchange:4.22.6m
-
cpe:2.3:a:arista:cloudvision_exchange:4.23.0
-
cpe:2.3:a:arista:cloudvision_exchange:4.23.4m
-
cpe:2.3:a:arista:cloudvision_exchange:4.24.0
-
cpe:2.3:a:arista:cloudvision_exchange:4.24.1.1f