← back
CVE-2024-12378

On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.

CVSS 9.1 CRITICALEPSS 0.4%CWE-319
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products
Arista Networks · CloudVision Portal

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.arista.com/en/support/advisories-notices/security-advisory/21289-security-advisory-0113