Security Advisories

May 14th, 2015

Arista 7000 Series Products and Arista EOS are vulnerable to CVE-2015-3456 (VENOM).

Read more...

January 28th 2015

Arista 7000 Series Products and Arista EOS are not remotely exploitable by CVE-2015- 0235

Read more...

October 20th 2014

SSLv3 is vulnerable to potential man in the middle attacks (CVE-2014-3566)

Read more...

January 9th 2015

Arista 7000 Series Products and Arista EOS are not vulnerable to NTP CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296.

Read more...

September 29th 2014

Shell command Bash code injection vulnerability (CVE-2014-6271, CVE-2014-6278, and CVE-2014-7169)

Read more...

June 9th 2014

Open SSL clients running on Arista EOS vulnerable to SSL/TLS MITM vulnerability (CVE-2014-0224)

Read more...

April 9th 2014

Arista 7000 Series Products and Arista EOS Not Vulnerable to OpenSSL CVE-2014-0160

Read more...

February 14, 2014

Affected Software Version: EOS-4.13.0F through EOS-4.13.1F.

Read more...

September 12, 2012

Null pointer dereference in nf_conntrack_ipv6. Affected software releases include EOS-4.8.0 through EOS-4.8.7, EOS-4.9.0 through EOS-4.9.5, EOS-4.10, EOS-4.10.1

Read more...

June 17, 2008

SNMP v3 authentication may be bypassed on Arista Networks Switches running EOS 2.0.2 or earlier. Recommendation is to upgrade to EOS 2.0.3 or later.

Read more...