Security Advisories
Arista Networks is committed to maintaining the highest standards of security across our product portfolio. Leveraging extensive testing and monitoring of vulnerabilities to isolate and neutralize threats early, Arista's Product Security Incident Response Team (PSIRT) provides global coverage for public reporting of possible security vulnerabilities across the product portfolio.
The PSIRT team monitors industry-wide vulnerability reporting as well as providing a single point of contact for customers and interested third parties to investigate and identify potential threats. The PSIRT team also works to communicate these issues back to the user community in a timely manner.
Report security vulnerabilities found in Arista products to the PSIRT team via psirt@arista.com. It is recommended to use Arista's PGP key for secure communication.
For technical assistance with workarounds and hotfix installations recommended in security advisories, please contact the Arista Support team at support@arista.com.
PSIRT Advisories
The following advisories and referenced materials are provided on an "as is" basis for use at your own risk. Arista Networks reserves the right to change or update the advisories without notice at any time.
Security Advisory 0045
December 4, 2019
CVE-ID tracking this issue is: CVE-2019-18615
CVSSv3 Base Score: 7.4 (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:N)
Security Advisory 0044
December 4, 2019
The CVE-ID tracking this issue is: CVE-2019-18181
CVSSv3 Base Score: 5.6 (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N)
Security Advisory 0043
November 6th, 2019
The CVE-IDs tracking this issue: CVE-2019-9512, CVE-2019-9514, and CVE-2019-9515
CVSSv3 Base Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Security Advisory 0042
October 9th, 2019
Security Advisory for CVE-2019-14810
Security Advisory 0041
July 2nd, 2019
The CVE-IDs tracking this issue are CVE-2019-11477, CVE-2019-11478, and CVE-2019-11479.
Security Advisory 0040
April 29th, 2019
Kernel crash due certain malformed packets using "IP Options"
Security Advisory 0039
January 16th, 2019
The CVE-IDs tracking this issue are CVE-2018-16873, CVE-2018-16874 and CVE-2018-16875
Security Advisory 0038
September 13th, 2018
The CVE-ID tracking this issue is CVE-2018-14008
Security Advisory 0037
August 14th, 2018
The CVE-ID tracking this issue is CVE-2018-5391
Security Advisory 0036
August 6th, 2018
Vulnerability assessment of CVE-2018-5390 for Arista Products