{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-24512", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "dateUpdated": "2025-02-03T19:15:59.467Z", "dateReserved": "2023-01-24T00:00:00.000Z", "datePublished": "2023-04-25T00:00:00.000Z"}, "containers": {"cna": {"title": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. ", "datePublic": "2023-04-25T00:00:00.000Z", "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2023-04-25T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision"}], "affected": [{"vendor": "Arista Networks", "product": "Terminattr", "versions": [{"version": "1.23.0", "status": "affected"}, {"version": "unspecified", "lessThanOrEqual": "1.19.5", "status": "affected", "versionType": "custom"}, {"version": "1.24.0", "status": "affected", "lessThanOrEqual": "1.24.3", "versionType": "custom"}, {"version": "1.22.0", "status": "affected", "lessThanOrEqual": "1.22.1", "versionType": "custom"}]}], "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-284 Improper Access Control", "cweId": "CWE-284"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "86", "defect": ["751697"], "discovery": "INTERNAL"}, "configurations": [{"lang": "en", "value": "In order to be vulnerable to CVE-2023-24512 the following conditions must be all be met:\n\nA vulnerable version of the Streaming Telemetry Agent must be installed on the switch. The version can be verified with the following commands:\n#show version detail | grep TerminAttr-core\nTerminAttr-core v1.13.3 1\n\nIn the above example, TerminAttr 1.13.3 is installed.\n\nThe agent must be running on the switch. This can be verified as follows on the switch:\nswitch# show daemon TerminAttr\nProcess: TerminAttr (running with PID 2430)\n\n\nThe Streaming Telemetry Agent must be configured to allow external connections using gRPC. This can be verified by the presence of the -grpcaddr option:\nswitch# daemon TerminAttr\n show active\ndaemon TerminAttr\n exec /usr/bin/TerminAttr -grpcaddr=... <other options...>"}], "workarounds": [{"lang": "en", "value": "The streaming telemetry agent can be configured in gRPC read-only mode by specifying -grpcreadonly as part of its configuration. For instance as follows:\n\nswitch# daemon TerminAttr\n exec /usr/bin/TerminAttr -grpcreadonly -grpcaddr=... <other options...>\n no shutdown\n\n\nIf TerminAttr is running, it must be restarted for the configuration to take effect. This can be done as follows:\n\nswitch# daemon TerminAttr\n shutdown\n wait-for-warmup\n no shutdown"}], "solutions": [{"lang": "en", "value": "While the steps listed above resolve the issue, the recommended long term solution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nThere are two possible solutions:\n\nUpgrade the Streaming Telemetry Agent \nCustomers can upgrade the Streaming Telemetry Agent to a fixed version, following the directions in https://arista.my.site.com/AristaCommunity/s/article/terminattr-upgrade-downgrade. Fixes are available in the following supported release trains:\nTerminAttr 1.25.0 and later Terminattr versions\nUsers of 1.24.X and 1.23.X TerminAttr releases should upgrade to TerminAttr 1.25.0 or later.\nTerminAttr 1.22.2 and later version in the TerminAttr 1.22.X train\nTerminAttr 1.19.6 and later versions in the TerminAttr 1.19.X train\n"}, {"lang": "en", "value": "Upgrade EOS\nCustomers can upgrade to a version of EOS which contains a fixed version of the Streaming Telemetry Agent within the EOS image, as documented in https://www.arista.com/en/um-eos/eos-upgradedowngrade-overview:\nEOS 4.29.2F and later releases, which contains TerminAttr 1.25.0 or a more recent version\nEOS 4.28.6M and later releases in the 4.28.X train, which contains TerminAttr 1.22.2 or a more recent version\nEOS 4.27.9M and later releases in the 4.27.X train, which contains TerminAttr 1.19.6 or a more recent version\nEOS 4.26.10M and later releases in the 4.26.X train, which contains TerminAttr 1.19.6 or a more recent version\n"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:56:04.371Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-03T19:15:55.595547Z", "id": "CVE-2023-24512", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-03T19:15:59.467Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-24512", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "dateUpdated": "2025-02-03T19:15:59.467Z", "dateReserved": "2023-01-24T00:00:00.000Z", "datePublished": "2023-04-25T00:00:00.000Z"}, "containers": {"cna": {"title": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. ", "datePublic": "2023-04-25T00:00:00.000Z", "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2023-04-25T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision"}], "affected": [{"vendor": "Arista Networks", "product": "Terminattr", "versions": [{"version": "1.23.0", "status": "affected"}, {"version": "unspecified", "lessThanOrEqual": "1.19.5", "status": "affected", "versionType": "custom"}, {"version": "1.24.0", "status": "affected", "lessThanOrEqual": "1.24.3", "versionType": "custom"}, {"version": "1.22.0", "status": "affected", "lessThanOrEqual": "1.22.1", "versionType": "custom"}]}], "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-284 Improper Access Control", "cweId": "CWE-284"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "86", "defect": ["751697"], "discovery": "INTERNAL"}, "configurations": [{"lang": "en", "value": "In order to be vulnerable to CVE-2023-24512 the following conditions must be all be met:\n\nA vulnerable version of the Streaming Telemetry Agent must be installed on the switch. The version can be verified with the following commands:\n#show version detail | grep TerminAttr-core\nTerminAttr-core v1.13.3 1\n\nIn the above example, TerminAttr 1.13.3 is installed.\n\nThe agent must be running on the switch. This can be verified as follows on the switch:\nswitch# show daemon TerminAttr\nProcess: TerminAttr (running with PID 2430)\n\n\nThe Streaming Telemetry Agent must be configured to allow external connections using gRPC. This can be verified by the presence of the -grpcaddr option:\nswitch# daemon TerminAttr\n show active\ndaemon TerminAttr\n exec /usr/bin/TerminAttr -grpcaddr=... <other options...>"}], "workarounds": [{"lang": "en", "value": "The streaming telemetry agent can be configured in gRPC read-only mode by specifying -grpcreadonly as part of its configuration. For instance as follows:\n\nswitch# daemon TerminAttr\n exec /usr/bin/TerminAttr -grpcreadonly -grpcaddr=... <other options...>\n no shutdown\n\n\nIf TerminAttr is running, it must be restarted for the configuration to take effect. This can be done as follows:\n\nswitch# daemon TerminAttr\n shutdown\n wait-for-warmup\n no shutdown"}], "solutions": [{"lang": "en", "value": "While the steps listed above resolve the issue, the recommended long term solution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nThere are two possible solutions:\n\nUpgrade the Streaming Telemetry Agent \nCustomers can upgrade the Streaming Telemetry Agent to a fixed version, following the directions in https://arista.my.site.com/AristaCommunity/s/article/terminattr-upgrade-downgrade. Fixes are available in the following supported release trains:\nTerminAttr 1.25.0 and later Terminattr versions\nUsers of 1.24.X and 1.23.X TerminAttr releases should upgrade to TerminAttr 1.25.0 or later.\nTerminAttr 1.22.2 and later version in the TerminAttr 1.22.X train\nTerminAttr 1.19.6 and later versions in the TerminAttr 1.19.X train\n"}, {"lang": "en", "value": "Upgrade EOS\nCustomers can upgrade to a version of EOS which contains a fixed version of the Streaming Telemetry Agent within the EOS image, as documented in https://www.arista.com/en/um-eos/eos-upgradedowngrade-overview:\nEOS 4.29.2F and later releases, which contains TerminAttr 1.25.0 or a more recent version\nEOS 4.28.6M and later releases in the 4.28.X train, which contains TerminAttr 1.22.2 or a more recent version\nEOS 4.27.9M and later releases in the 4.27.X train, which contains TerminAttr 1.19.6 or a more recent version\nEOS 4.26.10M and later releases in the 4.26.X train, which contains TerminAttr 1.19.6 or a more recent version\n"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:56:04.371Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-24512", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-03T19:15:55.595547Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-03T19:14:46.988Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "341CA00E-8BDE-4BF9-90D4-7B07FC484D18", "versionEndExcluding": "4.26.10m", "versionStartIncluding": "4.26.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "00A7CEC1-C298-4AEE-A079-550167C2AA3A", "versionEndExcluding": "4.27.9m", "versionStartIncluding": "4.27.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "32D876FE-C639-4870-A412-0239EA0155D0", "versionEndExcluding": "4.28.6m", "versionStartIncluding": "4.28.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:eos:*:*:*:*:*:*:*:*", "matchCriteriaId": "24621B26-04A1-4693-BCB4-437544C08B50", "versionEndExcluding": "4.29.2f", "versionStartIncluding": "4.29.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:32qd:-:*:*:*:*:*:*:*", "matchCriteriaId": "4184EB8C-5972-413F-A6CD-B1365D242B41", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:48ehs:-:*:*:*:*:*:*:*", "matchCriteriaId": "FED3033F-6AFD-462B-BED4-032D84D41068", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:48lbas:-:*:*:*:*:*:*:*", "matchCriteriaId": "8EDFE460-5163-4A86-BFDE-7F0FA8EC96D1", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:48lbs:-:*:*:*:*:*:*:*", "matchCriteriaId": "8C680AE5-0810-4A0C-9234-405F2A879F87", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:48s6qd:-:*:*:*:*:*:*:*", "matchCriteriaId": "38A296BD-4449-447C-AF27-F6C033C686D6", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7010t-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "4CCF6152-815E-4B3C-AE4B-CA598BEBD020", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7020sr-24c2:-:*:*:*:*:*:*:*", "matchCriteriaId": "7781CB15-3452-47D9-A961-8B09F2E9AEC1", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7020sr-32c2:-:*:*:*:*:*:*:*", "matchCriteriaId": "09A31FB8-512E-43EF-8F87-E02E35F5251E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7020tr-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CBFF922-28D7-42D6-8796-91AD9A178D28", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7020tra-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "561B4042-DFD3-4BC0-9C5F-74799A7E92C5", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050cx3-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "E1FF0290-C671-4ABC-8A12-05E4D55FC4AE", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050cx3m-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "828C6E4F-814A-4060-8F5E-7FF359C8739C", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050qx-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "253D74DE-97F5-40F3-B179-D2D4442C57FD", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050qx2-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "75E03F9E-522F-4D9B-9267-09E2550B5465", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx-128:-:*:*:*:*:*:*:*", "matchCriteriaId": "895A7AFD-BE76-47F5-B67B-6279046E4274", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "74E258EC-EA50-4185-AA35-5D963C359E74", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx-72q:-:*:*:*:*:*:*:*", "matchCriteriaId": "1482D4FC-60B9-4C89-B892-71AA3E1031F3", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx2-128:-:*:*:*:*:*:*:*", "matchCriteriaId": "C99D84E9-2229-459E-AE90-49C2EF670884", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx2-72q:-:*:*:*:*:*:*:*", "matchCriteriaId": "D922C725-1139-4DD4-92FC-9FF15E35CE62", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "FE35C17F-0C60-4A40-9949-D4C5D94D1D7A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48yc:-:*:*:*:*:*:*:*", "matchCriteriaId": "07BA078E-30B7-4E2C-B240-BF64E98143E9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48yc12:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBFD0706-CACB-40FA-A41B-46B39C6E1D33", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "5951D243-CB68-4B41-A913-D879CE502795", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050sx3-96yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "73156612-D338-4E20-8C82-0E65DAA72331", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050tx-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "78E7CDCC-ADC6-4854-BFC4-72DA47C5F10B", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050tx-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "2B03678D-AD7B-4B1A-8E6A-1811DD8B1483", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050tx-72q:-:*:*:*:*:*:*:*", "matchCriteriaId": "E803639C-13A1-48CA-A589-C83654AE454F", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050tx2-128:-:*:*:*:*:*:*:*", "matchCriteriaId": "A495D282-D3DC-4D18-AB72-2358834C238E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7050tx3-48c8:-:*:*:*:*:*:*:*", "matchCriteriaId": "388C57D8-4B3C-4E5D-84AA-0CB7506F825A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7060cx-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "D518C8D5-A86B-46E5-A646-8939BFA2E116", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7060cx2-32s:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1608297-7079-4F3B-857E-708B74E944D9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7060dx4-32:-:*:*:*:*:*:*:*", "matchCriteriaId": "806A01C5-231D-4F9D-A292-E9DD706A0C66", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7060px4-32:-:*:*:*:*:*:*:*", "matchCriteriaId": "AC10746F-8FC0-49EF-BB9C-EC49B734DFA3", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7060sx2-48yc6:-:*:*:*:*:*:*:*", "matchCriteriaId": "26582E98-B710-46D7-B8F2-9286E0592FA6", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*", "matchCriteriaId": "EFFA321D-F4A5-434C-BB39-D2B2687001D6", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2BE67B8-F326-48B7-AB82-04FE8C2E37E2", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*", "matchCriteriaId": "3264E086-4E90-41D0-8583-8FCF3CE4885D", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7150s-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "93D74C0B-E470-4D45-98E2-775DE43997DF", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7150s-52:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B2CAA23-003C-43E6-87CE-61E4369C2D30", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7150s-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "F7445075-D130-472C-B259-6BACE678541D", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7150sc-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "EF3FA52A-3A67-4515-9790-598860102893", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7150sc-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "6336F166-FAD3-4846-84B9-45F5FAA3D437", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7160-32cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "7620401C-FB14-46F1-979B-B21194F90945", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7160-48tc6:-:*:*:*:*:*:*:*", "matchCriteriaId": "07DFC236-44B3-4EEF-8937-4F86EE99EB45", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7160-48yc6:-:*:*:*:*:*:*:*", "matchCriteriaId": "823E5569-C918-40E6-A2C5-7C415E4ADEF5", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7170-32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "E8EFEEA5-0FC4-4FFC-BF5D-BDBAA1B55C70", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7170-32cd:-:*:*:*:*:*:*:*", "matchCriteriaId": "B2959C68-8731-4F37-B9E7-61E5936D3D8E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7170-64c:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6FB3395-8D13-4477-A46E-37A88272CFAB", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7170b-64c:-:*:*:*:*:*:*:*", "matchCriteriaId": "7EE3572E-A724-4057-8776-7A95528DCEE7", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720df-48y:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8FCDB83-38D5-4F02-97E2-BBEF891DCDD7", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720dp-24s:-:*:*:*:*:*:*:*", "matchCriteriaId": "80EAF795-EB62-4A86-A0FC-A09008E631A6", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720dp-48s:-:*:*:*:*:*:*:*", "matchCriteriaId": "EA03BA0B-BB2D-41CF-BA2E-B21604D6FBC1", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720dt-24s:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AE185FD-0D4D-4862-B513-BC68BF3F9F7E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720dt-48s:-:*:*:*:*:*:*:*", "matchCriteriaId": "46C2150F-2FD6-452F-8C56-7413E3EB8FDC", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720xp-24y6:-:*:*:*:*:*:*:*", "matchCriteriaId": "7AFDBCBB-2C1A-4B88-AE28-EF63D5B9EDD2", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720xp-24zy4:-:*:*:*:*:*:*:*", "matchCriteriaId": "58757129-BF9C-4BD8-B692-BB57023F8A48", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720xp-48y6:-:*:*:*:*:*:*:*", "matchCriteriaId": "2756BB4B-1053-4EAC-AC0B-785FD5039D5F", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720xp-48zc2:-:*:*:*:*:*:*:*", "matchCriteriaId": "40D36540-7723-4284-A207-6BD27728CA25", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:720xp-96zc2:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF95CB28-E010-4A1D-A746-F9DDF015868F", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7250qx-64:-:*:*:*:*:*:*:*", "matchCriteriaId": "0DD95B3B-D655-42DC-85C2-2C6FDBCC77F1", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7260cx:-:*:*:*:*:*:*:*", "matchCriteriaId": "E40D14DE-BAFB-461F-9AA7-E3EDC2D8D468", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7260cx3:-:*:*:*:*:*:*:*", "matchCriteriaId": "901E5B76-0EB7-4EAD-A281-15B9F78041AB", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7260qx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE1DE992-9BFA-4794-82F4-66F464BB384E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7260sx2:-:*:*:*:*:*:*:*", "matchCriteriaId": "58296832-AA93-4EAE-96BD-28EC368F8391", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr2k-60:-:*:*:*:*:*:*:*", "matchCriteriaId": "5F569286-C19F-48CB-AB24-89C4A1EB6F81", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3-32d4:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FEC18B3-7980-4EBF-8E15-F8E92DADD062", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3-32p4:-:*:*:*:*:*:*:*", "matchCriteriaId": "87E85F7C-F33B-49C1-A526-ACC1BEF3B65C", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3-96:-:*:*:*:*:*:*:*", "matchCriteriaId": "2E54F451-CA87-4F32-A088-AE18123CE07A", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3k-32d4:-:*:*:*:*:*:*:*", "matchCriteriaId": "16CB1780-6DEC-4140-A771-9139C77A8A88", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3k-32p4:-:*:*:*:*:*:*:*", "matchCriteriaId": "11DE9CB6-4453-4EED-B7FC-6374F9225B83", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280cr3k-96:-:*:*:*:*:*:*:*", "matchCriteriaId": "A98C94CB-7DFC-4CAC-9D98-B3E80BF1EE56", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280dr3-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "85D9E9FF-564E-4B16-8070-33A366F48FE9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280dr3k-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "56AF4A54-7568-4FE0-BE5F-02BD9FADDCE5", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280e:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6466FE3-DCE8-4DA5-B893-2BA864F73BC5", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280pr3-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "F14163D2-B236-4C78-9DB4-97DE6D996EBC", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280pr3k-24:-:*:*:*:*:*:*:*", "matchCriteriaId": "4057906A-B27B-4B53-97F6-3F5F35794990", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280sr3-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "8143579F-AD53-4D74-AE3E-4D465DCD7A57", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7280sr3k-48yc8:-:*:*:*:*:*:*:*", "matchCriteriaId": "79AB0F1D-ACCA-490C-96F2-FC23A8611CB8", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7300x-32q:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDF8A65D-6FBC-4C38-8B45-418E6C5EB16C", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7300x-64s:-:*:*:*:*:*:*:*", "matchCriteriaId": "8F088D51-24F4-49AD-8397-73D1EAF45F56", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7300x-64t:-:*:*:*:*:*:*:*", "matchCriteriaId": "69BA5C6D-40C0-4AA3-AC10-D7F097D8EDD9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7300x3-32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "0040BDDF-D711-4619-9E96-96EFBD33CAA0", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7300x3-48yc4:-:*:*:*:*:*:*:*", "matchCriteriaId": "D4AA716D-CAD1-4689-8A26-977A2E5F869E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7320x-32c:-:*:*:*:*:*:*:*", "matchCriteriaId": "5AD08CBF-6F42-4F98-B413-F65C5613BE6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7358x4:-:*:*:*:*:*:*:*", "matchCriteriaId": "DBC38094-A539-425D-A2B6-770FAF0FC3C4", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7368x4:-:*:*:*:*:*:*:*", "matchCriteriaId": "161DB0D9-9BAC-4546-88D3-5547F4B6149C", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7388x5:-:*:*:*:*:*:*:*", "matchCriteriaId": "B66E706E-56FB-4A49-BD90-76A8CB6BE391", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3-24d:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE1BB565-2668-4242-8A00-5CC9C30B9AC9", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3-24p:-:*:*:*:*:*:*:*", "matchCriteriaId": "15F1A605-8836-4A64-AC5E-ADAB34F8F104", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3-36cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE8A047A-9FD9-4AE1-9E47-457A46BAE3A4", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7500r3k-36cq:-:*:*:*:*:*:*:*", "matchCriteriaId": "019B0670-389B-4A4E-8C72-52202E3AA8EF", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7804r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "A54F3D32-5A07-4791-90BF-96BD8A24C2F6", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7808r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F078B04-2DA0-4A4B-BB1A-408DC14CB61F", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7812r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "E9B99200-EC76-404E-9900-5D1DC3B9A758", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:7816r3:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A172A49-1A0E-464B-BDDD-A8F52856D595", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:96lbs:-:*:*:*:*:*:*:*", "matchCriteriaId": "FBAE5B17-52F9-4FDD-BD65-AA0C1ADB4806", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7010tx-48:-:*:*:*:*:*:*:*", "matchCriteriaId": "9CB43CD4-C96F-483C-B743-3D81C9A65EDF", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500-12cq-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "CCCC3EC2-D68C-49E5-8E72-35F16853CA04", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500e-12cm-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "30D363C8-7D75-4EA7-B5BC-566C1C9ECE96", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500e-36q-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "6E0CD14C-E2C8-4EEC-AAD9-E2428E8610DC", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500e-48s-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "ACD40F1C-32AA-42DF-9378-724CD949127B", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500e-6c2-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "4DB63C0B-D27A-4CB4-B379-570C0DC8B958", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500e-72s-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "2468E734-5CA3-4293-A806-358FE659AEA6", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500r-36cq-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "52C4EAF7-6FD7-477A-B4BE-DE5920BF7BBA", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500r-36q-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABA8BEE5-9EDC-4BAC-AB7C-4F9E6680388B", "vulnerable": false}, {"criteria": "cpe:2.3:h:arista:dcs-7500r-48s2cq-lc:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB68705B-A8A5-49AB-AC53-02B311900F7D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista:ceos-lab:*:*:*:*:*:*:*:*", "matchCriteriaId": "2260519E-FB90-4924-95E7-1FCC34C4B38B", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:cloudeos:-:*:*:*:*:*:*:*", "matchCriteriaId": "362F2E0F-3D40-444F-87F3-21CA70B1AD04", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista:veos-lab:-:*:*:*:*:*:*:*", "matchCriteriaId": "04B29E15-3CFB-45EC-B252-8F02CC1E589C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision"}], "id": "CVE-2023-24512", "lastModified": "2024-11-21T07:48:01.437", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "psirt@arista.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-04-25T21:15:10.190", "references": [{"source": "psirt@arista.com", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mitigation", "Vendor Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17250-security-advisory-0086"}], "sourceIdentifier": "psirt@arista.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "psirt@arista.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}