Back to CVE List

CVE-2024-27890

CRITICAL SEVERITY

CVSS Score & Metrics

Base Score
9.6 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H

Vulnerability Description

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-306
Source
NVD
Vendor
Arista Networks
Product
EOS

External References

Discussion (0)

Add Comment

No comments yet. Be the first!