csaf_certbund - wid-sec-w-2024-3506

wid-sec-w-2024-3506

Vulnerability from csaf_certbund

Published

2024-11-19 23:00

Modified

2024-11-19 23:00

Summary

Arista EOS: Mehrere Schwachstellen ermöglichen Denial of Service

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Arista Extensible Operating System (EOS) ist ein modulares Linux basiertes Netzwerkbetriebssystem.

Angriff

Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Arista EOS ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme

- UNIX

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Arista Extensible Operating System (EOS) ist ein modulares Linux basiertes Netzwerkbetriebssystem.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Arista EOS ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3506 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3506.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3506 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3506"
      },
      {
        "category": "external",
        "summary": "Arista Security Advisory vom 2024-11-19",
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20649-security-advisory-0106"
      },
      {
        "category": "external",
        "summary": "Arista Security Advisory vom 2024-11-19",
        "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20650-security-advisory-0107"
      }
    ],
    "source_lang": "en-US",
    "title": "Arista EOS: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
    "tracking": {
      "current_release_date": "2024-11-19T23:00:00.000+00:00",
      "generator": {
        "date": "2024-11-20T10:12:44.144+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.8"
        }
      },
      "id": "WID-SEC-W-2024-3506",
      "initial_release_date": "2024-11-19T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-19T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.33.0F",
                "product": {
                  "name": "Arista EOS \u003c4.33.0F",
                  "product_id": "T039304"
                }
              },
              {
                "category": "product_version",
                "name": "4.33.0F",
                "product": {
                  "name": "Arista EOS 4.33.0F",
                  "product_id": "T039304-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.33.0f"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.32.3M",
                "product": {
                  "name": "Arista EOS \u003c4.32.3M",
                  "product_id": "T039305"
                }
              },
              {
                "category": "product_version",
                "name": "4.32.3M",
                "product": {
                  "name": "Arista EOS 4.32.3M",
                  "product_id": "T039305-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.32.3m"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.31.5M",
                "product": {
                  "name": "Arista EOS \u003c4.31.5M",
                  "product_id": "T039306"
                }
              },
              {
                "category": "product_version",
                "name": "4.31.5M",
                "product": {
                  "name": "Arista EOS 4.31.5M",
                  "product_id": "T039306-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.31.5m"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.30.8M",
                "product": {
                  "name": "Arista EOS \u003c4.30.8M",
                  "product_id": "T039307"
                }
              },
              {
                "category": "product_version",
                "name": "4.30.8M",
                "product": {
                  "name": "Arista EOS 4.30.8M",
                  "product_id": "T039307-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.30.8m"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.29.9M",
                "product": {
                  "name": "Arista EOS \u003c4.29.9M",
                  "product_id": "T039308"
                }
              },
              {
                "category": "product_version",
                "name": "4.29.9M",
                "product": {
                  "name": "Arista EOS 4.29.9M",
                  "product_id": "T039308-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.29.9m"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.28.12M",
                "product": {
                  "name": "Arista EOS \u003c4.28.12M",
                  "product_id": "T039309"
                }
              },
              {
                "category": "product_version",
                "name": "4.28.12M",
                "product": {
                  "name": "Arista EOS 4.28.12M",
                  "product_id": "T039309-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:arista:arista_eos:4.28.12m"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "EOS"
          }
        ],
        "category": "vendor",
        "name": "Arista"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-5872",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Arista EOS. Die Schwachstelle besteht, weil manipulierte Pakete mit falschen VLAN-Tags von der CPU falsch verarbeitet werden k\u00f6nnen, was zu Fehlverhalten auf der Steuerungsebene f\u00fchrt, wie z. B. Route Flapping oder falsches Lernen von Multicast-Routen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, indem er manipulierte Pakete sendet."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039308",
          "T039307",
          "T039309",
          "T039304",
          "T039306",
          "T039305"
        ]
      },
      "release_date": "2024-11-19T23:00:00.000+00:00",
      "title": "CVE-2024-5872"
    },
    {
      "cve": "CVE-2024-7095",
      "notes": [
        {
          "category": "description",
          "text": "Es besteht eine Schwachstelle in Arista EOS. Dieser Fehler besteht aufgrund einer unsachgem\u00e4\u00dfen Speicherfreigabe nach der effektiven Lebensdauer im snmpd-Prozess, wenn \u201esnmp-server transmit max-size\u201c konfiguriert ist. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T039307",
          "T039306",
          "T039305"
        ]
      },
      "release_date": "2024-11-19T23:00:00.000+00:00",
      "title": "CVE-2024-7095"
    }
  ]
}

CVE-2024-5872 (GCVE-0-2024-5872)

Vulnerability from cvelistv5

Published

2025-01-10 20:25

Modified

2025-01-10 21:11

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CWE

cwe-346

Summary

On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc.

References

►

URL

Tags

https://www.arista.com/en/support/advisories-notices/security-advisory/20649-security-advisory-0106

Impacted products

	Vendor	Product	Version
	Arista Networks	EOS	Version: 4.32.0F < Version: 4.31.0M < Version: 4.30.0M < Version: 4.29.0M < Version: 4.28.1F <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5872",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-10T21:11:13.257737Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-10T21:11:37.497Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EOS",
          "vendor": "Arista Networks",
          "versions": [
            {
              "lessThanOrEqual": "4.32.2F",
              "status": "affected",
              "version": "4.32.0F",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.31.4M",
              "status": "affected",
              "version": "4.31.0M",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.30.7M",
              "status": "affected",
              "version": "4.30.0M",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.29.8M",
              "status": "affected",
              "version": "4.29.0M",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.28.11F",
              "status": "affected",
              "version": "4.28.1F",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThere are multiple conditions which must be met. An L3 interface must be configured on the device and at least one of four additional conditions, detailed below and labeled 1 through 4, must be met. In addition to the configuration the packet being sent must have an incorrect VLAN tag.\u003c/p\u003e\u003cp\u003eIn order to be vulnerable to CVE-2024-5872, an L3 interface MUST be configured on the device.\u003c/p\u003e\u003cp\u003eTo check IPv4 L3 interface configuration:\u003c/p\u003e\u003cpre\u003eSwitch\u0026gt;show ip interface brief\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Address\nInterface \u0026nbsp; \u0026nbsp; IP Address \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Status  \u0026nbsp; Protocol \u0026nbsp; \u0026nbsp; MTU \u0026nbsp; Owner\n------------- ------------------ --------- ---------- ------ -------\nEthernet5/1 \u0026nbsp; 5.1.1.1/24 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; up  \u0026nbsp; \u0026nbsp; \u0026nbsp; up  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 1500\nManagement1 \u0026nbsp; 10.240.112.30/25 \u0026nbsp; up  \u0026nbsp; \u0026nbsp; \u0026nbsp; up  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 1500\nVlan4 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 4.1.1.1/24 \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; up  \u0026nbsp; \u0026nbsp; \u0026nbsp; up  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; 1500\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eTo check IPv6 L3 interface configuration:\u003c/p\u003e\u003cpre\u003eSwitch\u0026gt;show ipv6 interface brief\nInterface  Status  MTU IPv6 Address  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; Addr State Addr Source\n--------- ------- ---- ----------------------- ---------- -----------\nMa1  \u0026nbsp; \u0026nbsp; \u0026nbsp; up \u0026nbsp; \u0026nbsp; 1500 fe80::d3ff:fe5f:73e9/64 up \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; link local\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;fdfd:5c41:712d::701e/64 up \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; config\nVl4  \u0026nbsp; \u0026nbsp; \u0026nbsp; up \u0026nbsp; \u0026nbsp; 1500 fe80::d3ff:fe5f:73ea/64 up \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; link local\n\u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp;120::1/120  \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; up \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; config\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eAND\u003c/div\u003e\u003cp\u003eAt least one of the following conditions (#\u2019s 1-4 below) must be met:\u003c/p\u003e\u003col\u003e\u003cli\u003eEither IPv4 routing or IPv6 routing is not configured, which will cause the vulnerability to impact IPv4 unicast packets or IPv6 unicast packets, respectively:\u003cbr\u003e\u003cpre\u003eSwitch\u0026gt;show ip\n \n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eIP Routing : Disabled\u003c/span\u003e\nIP Multicast Routing : Disabled\nIPv6 Multicast Routing : Disabled\nIPv6 Interfaces Forwarding : None\n \n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eIPv6 Unicast Routing : Disabled\u003c/span\u003e\n\u003c/pre\u003e\u003c/li\u003e\u003c/ol\u003e\u003cdiv\u003eOR\u003c/div\u003e\u003col\u003e\u003cli\u003eFor packets with TTL of 0 or 1, all IP configurations are vulnerable.\u003cbr\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003c/li\u003e\u003c/ol\u003e\u003cdiv\u003eOR\u003c/div\u003e\u003col\u003e\u003cli\u003eUnicast and multicast routing must be configured for IPv4 to be vulnerable for IPv4 multicast packets, and IPv4 multicast must be enabled on an L3 interface:\u003cbr\u003e\u003cpre\u003eSwitch\u0026gt;show ip\n \n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eIP Routing : Enabled\nIP Multicast Routing : Enabled\u003c/span\u003e\nIPv6 Multicast Routing : Disabled\nIPv6 Interfaces Forwarding : None\n\u003cbr\u003e\nIPv6 Unicast Routing : Disabled\nSwitch(config-if-Vl4)#show active\ninterface Vlan4\n\u0026nbsp; \u0026nbsp;ip address 4.1.1.1/24\n\u0026nbsp; \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003epim ipv4 sparse-mode\u003c/span\u003e\n\u003c/pre\u003e\u003c/li\u003e\u003c/ol\u003e\u003cdiv\u003eOR\u003c/div\u003e\u003col\u003e\u003cli\u003eUnicast and multicast routing must be configured for IPv6 to be vulnerable to IPv6 multicast packets, and IPv6 multicast must be enabled on an L3 interface:\u003cbr\u003e\u003cpre\u003eSwitch\u0026gt;show ip\n  \nIP Routing : Disabled\nIP Multicast Routing : Disabled\n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eIPv6 Multicast Routing : Enabled\u003c/span\u003e\nIPv6 Interfaces Forwarding : None\n  \n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eIPv6 Unicast Routing : Enabled\u003c/span\u003e\nSwitch(config-if-Vl4)#show active\ninterface Vlan4\n\u0026nbsp; \u0026nbsp;ipv6 address 120::1/120\n\u0026nbsp; \u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003epim ipv6 sparse-mode\u003c/span\u003e\u003c/pre\u003e\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
            }
          ],
          "value": "There are multiple conditions which must be met. An L3 interface must be configured on the device and at least one of four additional conditions, detailed below and labeled 1 through 4, must be met. In addition to the configuration the packet being sent must have an incorrect VLAN tag.\n\nIn order to be vulnerable to CVE-2024-5872, an L3 interface MUST be configured on the device.\n\nTo check IPv4 L3 interface configuration:\n\nSwitch\u003eshow ip interface brief\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Address\nInterface \u00a0 \u00a0 IP Address \u00a0 \u00a0 \u00a0 \u00a0 Status  \u00a0 Protocol \u00a0 \u00a0 MTU \u00a0 Owner\n------------- ------------------ --------- ---------- ------ -------\nEthernet5/1 \u00a0 5.1.1.1/24 \u00a0 \u00a0 \u00a0 \u00a0 up  \u00a0 \u00a0 \u00a0 up  \u00a0 \u00a0 \u00a0 \u00a0 1500\nManagement1 \u00a0 10.240.112.30/25 \u00a0 up  \u00a0 \u00a0 \u00a0 up  \u00a0 \u00a0 \u00a0 \u00a0 1500\nVlan4 \u00a0 \u00a0 \u00a0 \u00a0 4.1.1.1/24 \u00a0 \u00a0 \u00a0 \u00a0 up  \u00a0 \u00a0 \u00a0 up  \u00a0 \u00a0 \u00a0 \u00a0 1500\n\n\n\u00a0\n\nTo check IPv6 L3 interface configuration:\n\nSwitch\u003eshow ipv6 interface brief\nInterface  Status  MTU IPv6 Address  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Addr State Addr Source\n--------- ------- ---- ----------------------- ---------- -----------\nMa1  \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 1500 fe80::d3ff:fe5f:73e9/64 up \u00a0 \u00a0 \u00a0 \u00a0 link local\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0fdfd:5c41:712d::701e/64 up \u00a0 \u00a0 \u00a0 \u00a0 config\nVl4  \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 1500 fe80::d3ff:fe5f:73ea/64 up \u00a0 \u00a0 \u00a0 \u00a0 link local\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0120::1/120  \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 up \u00a0 \u00a0 \u00a0 \u00a0 config\n\n\n\u00a0\n\nAND\n\nAt least one of the following conditions (#\u2019s 1-4 below) must be met:\n\n  *  Either IPv4 routing or IPv6 routing is not configured, which will cause the vulnerability to impact IPv4 unicast packets or IPv6 unicast packets, respectively:\nSwitch\u003eshow ip\n \nIP Routing : Disabled\nIP Multicast Routing : Disabled\nIPv6 Multicast Routing : Disabled\nIPv6 Interfaces Forwarding : None\n \nIPv6 Unicast Routing : Disabled\n\n\n\nOR\n\n  *  For packets with TTL of 0 or 1, all IP configurations are vulnerable.\n\u00a0\n\n\nOR\n\n  *  Unicast and multicast routing must be configured for IPv4 to be vulnerable for IPv4 multicast packets, and IPv4 multicast must be enabled on an L3 interface:\nSwitch\u003eshow ip\n \nIP Routing : Enabled\nIP Multicast Routing : Enabled\nIPv6 Multicast Routing : Disabled\nIPv6 Interfaces Forwarding : None\n\n\nIPv6 Unicast Routing : Disabled\nSwitch(config-if-Vl4)#show active\ninterface Vlan4\n\u00a0 \u00a0ip address 4.1.1.1/24\n\u00a0 \u00a0pim ipv4 sparse-mode\n\n\n\nOR\n\n  *  Unicast and multicast routing must be configured for IPv6 to be vulnerable to IPv6 multicast packets, and IPv6 multicast must be enabled on an L3 interface:\nSwitch\u003eshow ip\n  \nIP Routing : Disabled\nIP Multicast Routing : Disabled\nIPv6 Multicast Routing : Enabled\nIPv6 Interfaces Forwarding : None\n  \nIPv6 Unicast Routing : Enabled\nSwitch(config-if-Vl4)#show active\ninterface Vlan4\n\u00a0 \u00a0ipv6 address 120::1/120\n\u00a0 \u00a0pim ipv6 sparse-mode"
        }
      ],
      "datePublic": "2024-11-19T20:20:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc."
            }
          ],
          "value": "On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-141",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-141"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "cwe-346",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-10T20:25:53.860Z",
        "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
        "shortName": "Arista"
      },
      "references": [
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20649-security-advisory-0106"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eCVE-2024-5872 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.33.0F and later releases in the 4.33.x train\u003c/li\u003e\u003cli\u003e4.32.3M and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.5M and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.30.8M and later releases in the 4.30.x train\u003c/li\u003e\u003cli\u003e4.29.9M and later releases in the 4.29.x train\u003c/li\u003e\u003cli\u003e4.28.12M and later releases in the 4.28.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
            }
          ],
          "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see  EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\n\u00a0\n\nCVE-2024-5872 has been fixed in the following releases:\n\n  *  4.33.0F and later releases in the 4.33.x train\n  *  4.32.3M and later releases in the 4.32.x train\n  *  4.31.5M and later releases in the 4.31.x train\n  *  4.30.8M and later releases in the 4.30.x train\n  *  4.29.9M and later releases in the 4.29.x train\n  *  4.28.12M and later releases in the 4.28.x train"
        }
      ],
      "source": {
        "advisory": "106",
        "defect": [
          "BUG 884202"
        ],
        "discovery": "INTERNAL"
      },
      "title": "On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as route flaps, multicast routes learnt, etc.",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThere is no workaround.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "There is no workaround."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
    "assignerShortName": "Arista",
    "cveId": "CVE-2024-5872",
    "datePublished": "2025-01-10T20:25:53.860Z",
    "dateReserved": "2024-06-11T15:41:47.035Z",
    "dateUpdated": "2025-01-10T21:11:37.497Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7095 (GCVE-0-2024-7095)

Vulnerability from cvelistv5

Published

2025-01-10 20:19

Modified

2025-01-14 14:33

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE

cwe-401

Summary

On affected platforms running Arista EOS with SNMP configured, if “snmp-server transmit max-size” is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well.

References

►

URL

Tags

https://www.arista.com/en/support/advisories-notices/security-advisory/20650-security-advisory-0107

Impacted products

	Vendor	Product	Version
	Arista Networks	EOS	Version: 4.32.0F < Version: 4.31.0M < Version: 4.30.0M < Version: 4.29.0 < Version: 4.28.0 < Version: 4.27.0 < Version: 4.26.0 < Version: 4.25.0 < Version: 4.24.0 < Version: 4.23.0 < Version: 4.22.0 <

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7095",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-14T14:31:59.560743Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-401",
                "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-14T14:33:54.850Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "EOS",
          "vendor": "Arista Networks",
          "versions": [
            {
              "lessThanOrEqual": "4.32.2F",
              "status": "affected",
              "version": "4.32.0F",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.31.4M",
              "status": "affected",
              "version": "4.31.0M",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "4.30.7M",
              "status": "affected",
              "version": "4.30.0M",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.29.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.28.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.27.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.26.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.25.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.24.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.23.0",
              "versionType": "custom"
            },
            {
              "status": "affected",
              "version": "4.22.0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIn order to be vulnerable to CVE-2024-7095, the following conditions must be met:\u003c/p\u003e\u003col\u003e\u003cli\u003eSNMP must be configured, and\u003c/li\u003e\u003cli\u003e\u201c\u003cb\u003esnmp-server transmit max-size\u003c/b\u003e\u201d must be configured\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eIf the necessary configurations are present, \u003cb\u003eshow snmp\u003c/b\u003e\u0026nbsp;output will look something like below, where \u003cb\u003eTransmit message maximum size\u003c/b\u003e\u0026nbsp;will contain a number smaller than the default of 65536:\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show snmp\nChassis: None\n0 SNMP packets input\n\u0026nbsp; \u0026nbsp; 0 Bad SNMP version errors\n\u0026nbsp; \u0026nbsp; 0 Unknown community name\n\u0026nbsp; \u0026nbsp; 0 Illegal operation for community name supplied\n\u0026nbsp; \u0026nbsp; 0 Encoding errors\n\u0026nbsp; \u0026nbsp; 0 Number of requested variables\n\u0026nbsp; \u0026nbsp; 0 Number of altered variables\n\u0026nbsp; \u0026nbsp; 0 Get-request PDUs\n\u0026nbsp; \u0026nbsp; 0 Get-next PDUs\n\u0026nbsp; \u0026nbsp; 0 Set-request PDUs\n0 SNMP packets output\n\u0026nbsp; \u0026nbsp; 0 Too big errors\n\u0026nbsp; \u0026nbsp; 0 No such name errors\n\u0026nbsp; \u0026nbsp; 0 Bad value errors\n\u0026nbsp; \u0026nbsp; 0 General errors\n\u0026nbsp; \u0026nbsp; 0 Response PDUs\n\u0026nbsp; \u0026nbsp; 0 Trap PDUs\n\u0026nbsp; \u0026nbsp; 0 Trap drops\nAccess Control\n\u0026nbsp; \u0026nbsp; 0 Users\n\u0026nbsp; \u0026nbsp; 0 Groups\n\u0026nbsp; \u0026nbsp; 0 Views\nSNMP logging: disabled\n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eSNMP agent enabled in VRFs: default\nTransmit message maximum size: 1500\u003c/span\u003e\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf SNMP is not configured there is no exposure to this issue and the \u003cb\u003eshow snmp\u003c/b\u003e\u0026nbsp;output will look something like:\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show snmp\nChassis: XXXXXXXXXXX\nSNMP agent enabled in VRFs: default\nTransmit message maximum size: 65536\n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eSNMP agent disabled:\u003c/span\u003e Either no communities and no users are configured, or no VRFs are configured.\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eIf the \u003cb\u003etransmit max-size\u003c/b\u003e\u0026nbsp;is not configured there is no exposure to this issue and even if SNMP is configured, the \u003cb\u003eshow snmp\u003c/b\u003e\u0026nbsp;output will look something like:\u003c/p\u003e\u003cpre\u003eswitch\u0026gt;show snmp\nChassis: None\n0 SNMP packets input\n\u0026nbsp; \u0026nbsp; 0 Bad SNMP version errors\n\u0026nbsp; \u0026nbsp; 0 Unknown community name\n\u0026nbsp; \u0026nbsp; 0 Illegal operation for community name supplied\n\u0026nbsp; \u0026nbsp; 0 Encoding errors\n\u0026nbsp; \u0026nbsp; 0 Number of requested variables\n\u0026nbsp; \u0026nbsp; 0 Number of altered variables\n\u0026nbsp; \u0026nbsp; 0 Get-request PDUs\n\u0026nbsp; \u0026nbsp; 0 Get-next PDUs\n\u0026nbsp; \u0026nbsp; 0 Set-request PDUs\n0 SNMP packets output\n\u0026nbsp; \u0026nbsp; 0 Too big errors\n\u0026nbsp; \u0026nbsp; 0 No such name errors\n\u0026nbsp; \u0026nbsp; 0 Bad value errors\n\u0026nbsp; \u0026nbsp; 0 General errors\n\u0026nbsp; \u0026nbsp; 0 Response PDUs\n\u0026nbsp; \u0026nbsp; 0 Trap PDUs\n\u0026nbsp; \u0026nbsp; 0 Trap drops\nAccess Control\n\u0026nbsp; \u0026nbsp; 0 Users\n\u0026nbsp; \u0026nbsp; 0 Groups\n\u0026nbsp; \u0026nbsp; 0 Views\nSNMP logging: disabled\nSNMP agent enabled in VRFs: default\n\u003cspan style=\"background-color: rgb(255, 255, 0);\"\u003eTransmit message maximum size: 65536\u003c/span\u003e\u003c/pre\u003e\u003cbr\u003e"
            }
          ],
          "value": "In order to be vulnerable to CVE-2024-7095, the following conditions must be met:\n\n  *  SNMP must be configured, and\n  *  \u201csnmp-server transmit max-size\u201d must be configured\nIf the necessary configurations are present, show snmp\u00a0output will look something like below, where Transmit message maximum size\u00a0will contain a number smaller than the default of 65536:\n\nswitch\u003eshow snmp\nChassis: None\n0 SNMP packets input\n\u00a0 \u00a0 0 Bad SNMP version errors\n\u00a0 \u00a0 0 Unknown community name\n\u00a0 \u00a0 0 Illegal operation for community name supplied\n\u00a0 \u00a0 0 Encoding errors\n\u00a0 \u00a0 0 Number of requested variables\n\u00a0 \u00a0 0 Number of altered variables\n\u00a0 \u00a0 0 Get-request PDUs\n\u00a0 \u00a0 0 Get-next PDUs\n\u00a0 \u00a0 0 Set-request PDUs\n0 SNMP packets output\n\u00a0 \u00a0 0 Too big errors\n\u00a0 \u00a0 0 No such name errors\n\u00a0 \u00a0 0 Bad value errors\n\u00a0 \u00a0 0 General errors\n\u00a0 \u00a0 0 Response PDUs\n\u00a0 \u00a0 0 Trap PDUs\n\u00a0 \u00a0 0 Trap drops\nAccess Control\n\u00a0 \u00a0 0 Users\n\u00a0 \u00a0 0 Groups\n\u00a0 \u00a0 0 Views\nSNMP logging: disabled\nSNMP agent enabled in VRFs: default\nTransmit message maximum size: 1500\n\n\n\u00a0\n\nIf SNMP is not configured there is no exposure to this issue and the show snmp\u00a0output will look something like:\n\nswitch\u003eshow snmp\nChassis: XXXXXXXXXXX\nSNMP agent enabled in VRFs: default\nTransmit message maximum size: 65536\nSNMP agent disabled: Either no communities and no users are configured, or no VRFs are configured.\n\n\n\u00a0\n\nIf the transmit max-size\u00a0is not configured there is no exposure to this issue and even if SNMP is configured, the show snmp\u00a0output will look something like:\n\nswitch\u003eshow snmp\nChassis: None\n0 SNMP packets input\n\u00a0 \u00a0 0 Bad SNMP version errors\n\u00a0 \u00a0 0 Unknown community name\n\u00a0 \u00a0 0 Illegal operation for community name supplied\n\u00a0 \u00a0 0 Encoding errors\n\u00a0 \u00a0 0 Number of requested variables\n\u00a0 \u00a0 0 Number of altered variables\n\u00a0 \u00a0 0 Get-request PDUs\n\u00a0 \u00a0 0 Get-next PDUs\n\u00a0 \u00a0 0 Set-request PDUs\n0 SNMP packets output\n\u00a0 \u00a0 0 Too big errors\n\u00a0 \u00a0 0 No such name errors\n\u00a0 \u00a0 0 Bad value errors\n\u00a0 \u00a0 0 General errors\n\u00a0 \u00a0 0 Response PDUs\n\u00a0 \u00a0 0 Trap PDUs\n\u00a0 \u00a0 0 Trap drops\nAccess Control\n\u00a0 \u00a0 0 Users\n\u00a0 \u00a0 0 Groups\n\u00a0 \u00a0 0 Views\nSNMP logging: disabled\nSNMP agent enabled in VRFs: default\nTransmit message maximum size: 65536"
        }
      ],
      "datePublic": "2024-11-19T20:08:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eOn affected platforms running Arista EOS with SNMP configured, if \u201c\u003cb\u003esnmp-server transmit max-size\u003c/b\u003e\u201d is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well.\u003c/p\u003e"
            }
          ],
          "value": "On affected platforms running Arista EOS with SNMP configured, if \u201csnmp-server transmit max-size\u201d is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being terminated (causing SNMP requests to time out until snmpd is restarted) and memory pressure for other processes on the switch. Increased memory pressure can cause processes other than snmpd to be at risk for unexpected termination as well."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "capex-130"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "cwe-401",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-10T20:19:10.234Z",
        "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
        "shortName": "Arista"
      },
      "references": [
        {
          "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20650-security-advisory-0107"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\"\u003eEOS User Manual: Upgrades and Downgrades\u003c/a\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eCVE-2024-7095 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e4.32.3M and later releases in the 4.32.x train\u003c/li\u003e\u003cli\u003e4.31.5M and later releases in the 4.31.x train\u003c/li\u003e\u003cli\u003e4.30.8M and later releases in the 4.30.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e"
            }
          ],
          "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see  EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\n\u00a0\n\nCVE-2024-7095 has been fixed in the following releases:\n\n  *  4.32.3M and later releases in the 4.32.x train\n  *  4.31.5M and later releases in the 4.31.x train\n  *  4.30.8M and later releases in the 4.30.x train"
        }
      ],
      "source": {
        "advisory": "107",
        "defect": [
          "BUG974415"
        ],
        "discovery": "INTERNAL"
      },
      "title": "On affected platforms running Arista EOS with SNMP configured, if \u201csnmp-server transmit max-size\u201d is configured, under some circumstances a specially crafted packet can cause the snmpd process to leak memory. This may result in the snmpd process being term",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe workaround is to disable \u003cb\u003esnmp-server transmit max-size\u003c/b\u003e\u0026nbsp;configuration:\u003c/p\u003e\u003cpre\u003eno snmp-server transmit max-size\u003c/pre\u003e\u003cbr\u003e"
            }
          ],
          "value": "The workaround is to disable snmp-server transmit max-size\u00a0configuration:\n\nno snmp-server transmit max-size"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
    "assignerShortName": "Arista",
    "cveId": "CVE-2024-7095",
    "datePublished": "2025-01-10T20:19:10.234Z",
    "dateReserved": "2024-07-24T22:07:44.124Z",
    "dateUpdated": "2025-01-14T14:33:54.850Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

wid-sec-w-2024-3506

Vulnerability from csaf_certbund

CVE-2024-5872 (GCVE-0-2024-5872)

Vulnerability from cvelistv5

CVE-2024-7095 (GCVE-0-2024-7095)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature