CVE-2023-24545 - OpenCVE

On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Arista	Cloudeos Dca-200-veos

Configuration 1 [-]

AND

OR	cpe:2.3:o:arista:cloudeos::::::::
	cpe:2.3:o:arista:cloudeos::::::::
	cpe:2.3:o:arista:cloudeos::::::::
	cpe:2.3:o:arista:cloudeos::::::::

cpe:2.3:h:arista:dca-200-veos:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085

History

No history.

MITRE

Status: PUBLISHED

Assigner: Arista

Published: 2023-04-12T00:00:00

Updated: 2024-08-02T11:03:17.803Z

Reserved: 2023-01-26T00:00:00

Link: CVE-2023-24545

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-04-12T21:15:18.183

Modified: 2023-04-21T15:09:02.267

Link: CVE-2023-24545

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-24545", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "dateUpdated": "2024-08-02T11:03:17.803Z", "dateReserved": "2023-01-26T00:00:00", "datePublished": "2023-04-12T00:00:00"}, "containers": {"cna": {"title": "On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch.", "datePublic": "2023-04-11T00:00:00", "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2023-04-12T00:00:00"}, "descriptions": [{"lang": "en", "value": "On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic."}], "affected": [{"vendor": "Arista Networks", "product": "EOS", "versions": [{"version": "4.29.0", "status": "affected", "lessThanOrEqual": "4.29.1F", "versionType": "custom"}, {"version": "4.28.0", "status": "affected", "lessThanOrEqual": "4.28.4M", "versionType": "custom"}, {"version": "4.27.0", "status": "affected", "lessThanOrEqual": "4.27.7M", "versionType": "custom"}, {"version": "4.26.8M", "status": "affected", "lessThanOrEqual": "4.26.8M", "versionType": "custom"}]}], "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-400 Uncontrolled Resource Consumption", "cweId": "CWE-400"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "85", "defect": ["743423"], "discovery": "INTERNAL"}, "configurations": [{"lang": "en", "value": "In order to be vulnerable to CVE-2023-24545 and CVE-2023-24513, the switch must be configured to run the Software Forwarding Engine (Sfe). Sfe is the default configuration on CloudEOS platforms. "}], "workarounds": [{"lang": "en", "value": "There is no mitigation / workaround for these issues."}], "solutions": [{"lang": "en", "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Artista recommends customers move to the latest version of each release that contains all the fixes listed below.\n\nCVE-2023-24545 has been fixed in the following releases:\n4.29.2F and later releases in the 4.29.x train\n4.28.5M and later releases in the 4.28.x train\n4.27.8M and later releases in the 4.27.x train\n4.26.9M and later releases in the 4.26.x train\n"}, {"lang": "en", "value": "The following hotfixes can be applied to remediate both CVE-2023-24545 and CVE-2023-24513. Due to the size of the hotfixes, there are multiple files. Each hotfix applies to a specific set of release trSecurityAdvisory8X_4.28_Hotfix.swixains:\n\nNote: Installing/uninstalling the SWIX will cause Sfe agent to restart and stop forwarding traffic for up to 10 seconds.\n4.29.1F and below releases in the 4.29.x Train:\nURL:SecurityAdvisory85_4.29_Hotfix.swix\nSWIX Hash:\nSHA512 (SHA-512)c965e149cbbaa8698648af9290c5a728e9fe635186eee7629b789502ef37db4a94beea5ecd20e1dc8a19c2cc8988052b625cfccf764c28b8b0e9e4eef8e79bb4Open with Google Docs\n4.28.5M and below releases in the 4.28.x train:\nURL:SecurityAdvisory85_4.28_Hotfix.swix\nSWIX Hash:\n(SHA-512)522d51c6548111d9819ef8b1523b8798ac6847012955e3f885c6f466c81468960fbd4497b45289c8f77297263111340fbdbd7003a30b64e3ef9a270ace62c079\n4.27.8M and below releases in the 4.27.x train:\nURL:SecurityAdvisory85_4.27_Hotfix.swix\nSWIX Hash:\n(SHA-512)5ce5479c11abf185f50d484204555b2dfb9b1c93e8f475d027082ca0951cbfca0f331960a1dd111b8c079264b1dab31b0a62c8daf011afb27b1283c2382747a2Open with Go\n4.26.9M and below releases in the 4.26.x train:\nURL:SecurityAdvisory85_4.26_Hotfix.swix\nSWIX Hash:\n(SHA-512)9386f12a24f35679bdeb08d506bf0bddb9703d1ef3043de2c06d09ff47f2dd0d1bd7aca0748febb5b04fbdeaed7c4ae2922086fb638c754c3a9a5384306396d2\n"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T11:03:17.803Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D1A5002-07BD-4669-A7C9-E47A28C3F39C", "versionEndExcluding": "4.26.9m", "versionStartIncluding": "4.26.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FEF7B98-AD0E-4DE3-912D-DDC39FE4C3D7", "versionEndExcluding": "4.27.8m", "versionStartIncluding": "4.27.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA82CE8C-A95E-48B9-8E61-09429FFBC0DD", "versionEndExcluding": "4.28.5m", "versionStartIncluding": "4.28.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arista:cloudeos:*:*:*:*:*:*:*:*", "matchCriteriaId": "0769DED3-64E8-4EEC-95BD-CDB18C848B8E", "versionEndExcluding": "4.29.2f", "versionStartIncluding": "4.29.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arista:dca-200-veos:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C9985E3-D496-473F-A806-022EC164EF96", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic."}], "id": "CVE-2023-24545", "lastModified": "2023-04-21T15:09:02.267", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "psirt@arista.com", "type": "Secondary"}]}, "published": "2023-04-12T21:15:18.183", "references": [{"source": "psirt@arista.com", "tags": ["Exploit", "Patch", "Vendor Advisory"], "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/17240-security-advisory-0085"}], "sourceIdentifier": "psirt@arista.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-400"}], "source": "psirt@arista.com", "type": "Secondary"}]}