CVE-2023-3646 - Vulnerability Details

CVE-2023-3646 - On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Arista	7280cr3-32d4 7280cr3-32p4 7280cr3-36s 7280cr3-96 7280cr3a-24d12 7280cr3a-48d6 7280cr3a-72 7280dr3-24 7280dr3a-36 7280dr3a-54 7280dr3ak-36 7280dr3ak-54 7280dr3am-36 7280dr3am-54 7280pr3-24 7280r3 7280sr3-40yc6 7280sr3-48yc8 7280tr3-40c6 7289r3a-sc 7289r3ak-sc 7289r3am-sc 7500r3-24d 7500r3-24p 7500r3-36cq 7500r3k-36cq 7500r3k-48y4d 7504r3 7508r3 7512r3 7800r3-36d 7800r3-36p 7800r3-48cq 7800r3a-36d 7800r3a-36dm 7800r3a-36p 7800r3a-36pm 7800r3ak-36dm 7800r3ak-36pm 7800r3k-36dm 7800r3k-48cq 7800r3k-48cqms 7800r3k-72y7512r3 7808r3 7812r3 7816r3 Eos

Configuration 1 [-]

AND

OR	cpe:2.3:o:arista:eos::::::::
	cpe:2.3:o:arista:eos::::::::

OR	cpe:2.3:h:arista:7280cr3-32d4:-:::::::*
	cpe:2.3:h:arista:7280cr3-32p4:-:::::::*
	cpe:2.3:h:arista:7280cr3-36s:-:::::::*
	cpe:2.3:h:arista:7280cr3-96:-:::::::*
	cpe:2.3:h:arista:7280cr3a-24d12:-:::::::*
	cpe:2.3:h:arista:7280cr3a-48d6:-:::::::*
	cpe:2.3:h:arista:7280cr3a-72:-:::::::*
	cpe:2.3:h:arista:7280dr3-24:-:::::::*
	cpe:2.3:h:arista:7280dr3a-36:-:::::::*
	cpe:2.3:h:arista:7280dr3a-54:-:::::::*
	cpe:2.3:h:arista:7280dr3ak-36:-:::::::*
	cpe:2.3:h:arista:7280dr3ak-54:-:::::::*
	cpe:2.3:h:arista:7280dr3am-36:-:::::::*
	cpe:2.3:h:arista:7280dr3am-54:-:::::::*
	cpe:2.3:h:arista:7280pr3-24:-:::::::*
	cpe:2.3:h:arista:7280r3:-:::::::*
	cpe:2.3:h:arista:7280sr3-40yc6:-:::::::*
	cpe:2.3:h:arista:7280sr3-48yc8:-:::::::*
	cpe:2.3:h:arista:7280tr3-40c6:-:::::::*
	cpe:2.3:h:arista:7289r3a-sc:-:::::::*
	cpe:2.3:h:arista:7289r3ak-sc:-:::::::*
	cpe:2.3:h:arista:7289r3am-sc:-:::::::*
	cpe:2.3:h:arista:7500r3-24d:-:::::::*
	cpe:2.3:h:arista:7500r3-24p:-:::::::*
	cpe:2.3:h:arista:7500r3-36cq:-:::::::*
	cpe:2.3:h:arista:7500r3k-36cq:-:::::::*
	cpe:2.3:h:arista:7500r3k-48y4d:-:::::::*
	cpe:2.3:h:arista:7504r3:-:::::::*
	cpe:2.3:h:arista:7508r3:-:::::::*
	cpe:2.3:h:arista:7512r3:-:::::::*
	cpe:2.3:h:arista:7800r3-36d:-:::::::*
	cpe:2.3:h:arista:7800r3-36p:-:::::::*
	cpe:2.3:h:arista:7800r3-48cq:-:::::::*
	cpe:2.3:h:arista:7800r3a-36d:-:::::::*
	cpe:2.3:h:arista:7800r3a-36dm:-:::::::*
	cpe:2.3:h:arista:7800r3a-36p:-:::::::*
	cpe:2.3:h:arista:7800r3a-36pm:-:::::::*
	cpe:2.3:h:arista:7800r3ak-36dm:-:::::::*
	cpe:2.3:h:arista:7800r3ak-36pm:-:::::::*
	cpe:2.3:h:arista:7800r3k-36dm:-:::::::*
	cpe:2.3:h:arista:7800r3k-48cq:-:::::::*
	cpe:2.3:h:arista:7800r3k-48cqms:-:::::::*
	cpe:2.3:h:arista:7800r3k-72y7512r3:-:::::::*
	cpe:2.3:h:arista:7808r3:-:::::::*
	cpe:2.3:h:arista:7812r3:-:::::::*
	cpe:2.3:h:arista:7816r3:-:::::::*

No data.

References

Link	Providers
https://www.arista.com/en/support/advisories-notices/security-advisory/18042-security-advisory-0088

History

Mon, 30 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Arista

Published: 2023-08-29T16:31:57.668Z

Updated: 2024-09-30T17:44:07.777Z

Reserved: 2023-07-12T17:53:27.986Z

Link: CVE-2023-3646

Vulnrichment

Updated: 2024-08-02T07:01:57.478Z

NVD

Status : Modified

Published: 2023-08-29T17:15:12.727

Modified: 2024-11-21T08:17:44.693

Link: CVE-2023-3646

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object