Security Advisories

 

Arista Networks is committed to maintaining the highest standards of security across our product portfolio. Leveraging extensive testing and monitoring of vulnerabilities to isolate and neutralize threats early, Arista's Product Security Incident Response Team (PSIRT) provides global coverage for public reporting of possible security vulnerabilities across the product portfolio.

The PSIRT team monitors industry-wide vulnerability reporting as well as providing a single point of contact for customers and interested third parties to investigate and identify potential threats. The PSIRT team also works to communicate these issues back to the user community in a timely manner.

Report security vulnerabilities found in Arista products to the PSIRT team via psirt@arista.com. It is recommended to use Arista's PGP key for secure communication.

For technical assistance with workarounds and hotfix installations recommended in security advisories, please contact the Arista Support team at support@arista.com.

 

PSIRT Advisories

The following advisories and referenced materials are provided on an "as is" basis for use at your own risk. Arista Networks reserves the right to change or update the advisories without notice at any time.

Security Advisory 0033

April 5th, 2018

Arista Products vulnerability report for CVE-2018-5254

Security Advisory 0032

March 1st, 2018

Arista Products vulnerability report for CVE-2018-5255

Security Advisory 0031

January 3rd, 2018

Arista Products vulnerability report for CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754

Security Advisory 0030

October 2nd, 2017

Security Advisory CVE-2017-14491 - Linux Remote Code Execution in Dnsmasq

Security Advisory 0029

May 15th, 2017

Arista Products vulnerability report for CVE-2017-8231

Security Advisory 0028

May 15th, 2017

Arista Products vulnerability report for CVE-2016-7117

Security Advisory 0027

December 1st, 2016

Arista Products vulnerability report for CVE-2016-9012

Security Advisory 0026

October 21st, 2016

Arista Products vulnerability report for CVE-2016-5195

Security Advisory 0025

October 17th, 2016

Arista DCS-7050 series products vulnerability report for CVE-2016-6894

Security Advisory 0024

October 4th, 2016

Arista Products vulnerability report for security vulnerabilities announcement from the OpenSSL project on September 22nd, 2016