9.3

CVE-2023-24509

Exploit

EPSS 0.05%
Published 13.04.2023 20:15:08
Last modified 21.11.2024 07:48:00
Source psirt@arista.com
Teams watchlist Login
Open Login

On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading to a privilege escalation. Valid user credentials are required in order to exploit this vulnerability.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Arista ≫ Eos Version >= 4.23 <= 4.23.13m

   Arista ≫ 704x3 Version-
   Arista ≫ 7304x Version-
   Arista ≫ 7304x3 Version-
   Arista ≫ 7308x Version-
   Arista ≫ 7316x Version-
   Arista ≫ 7324x Version-
   Arista ≫ 7328x Version-
   Arista ≫ 7504r Version-
   Arista ≫ 7504r3 Version-
   Arista ≫ 7508r Version-
   Arista ≫ 7508r3 Version-
   Arista ≫ 7512r Version-
   Arista ≫ 7512r3 Version-
   Arista ≫ 7516r Version-
   Arista ≫ 755x Version-
   Arista ≫ 758x Version-
   Arista ≫ 7804r3 Version-
   Arista ≫ 7808r3 Version-
   Arista ≫ 7812r3 Version-
   Arista ≫ 7816r3 Version-

Arista ≫ Eos Version >= 4.24.0 < 4.24.11m

   Arista ≫ 704x3 Version-
   Arista ≫ 7304x Version-
   Arista ≫ 7304x3 Version-
   Arista ≫ 7308x Version-
   Arista ≫ 7316x Version-
   Arista ≫ 7324x Version-
   Arista ≫ 7328x Version-
   Arista ≫ 7504r Version-
   Arista ≫ 7504r3 Version-
   Arista ≫ 7508r Version-
   Arista ≫ 7508r3 Version-
   Arista ≫ 7512r Version-
   Arista ≫ 7512r3 Version-
   Arista ≫ 7516r Version-
   Arista ≫ 755x Version-
   Arista ≫ 758x Version-
   Arista ≫ 7804r3 Version-
   Arista ≫ 7808r3 Version-
   Arista ≫ 7812r3 Version-
   Arista ≫ 7816r3 Version-

Arista ≫ Eos Version >= 4.25.0 < 4.25.10m

   Arista ≫ 704x3 Version-
   Arista ≫ 7304x Version-
   Arista ≫ 7304x3 Version-
   Arista ≫ 7308x Version-
   Arista ≫ 7316x Version-
   Arista ≫ 7324x Version-
   Arista ≫ 7328x Version-
   Arista ≫ 7504r Version-
   Arista ≫ 7504r3 Version-
   Arista ≫ 7508r Version-
   Arista ≫ 7508r3 Version-
   Arista ≫ 7512r Version-
   Arista ≫ 7512r3 Version-
   Arista ≫ 7516r Version-
   Arista ≫ 755x Version-
   Arista ≫ 758x Version-
   Arista ≫ 7804r3 Version-
   Arista ≫ 7808r3 Version-
   Arista ≫ 7812r3 Version-
   Arista ≫ 7816r3 Version-

Arista ≫ Eos Version >= 4.26.0 < 4.26.9m

   Arista ≫ 704x3 Version-
   Arista ≫ 7304x Version-
   Arista ≫ 7304x3 Version-
   Arista ≫ 7308x Version-
   Arista ≫ 7316x Version-
   Arista ≫ 7324x Version-
   Arista ≫ 7328x Version-
   Arista ≫ 7504r Version-
   Arista ≫ 7504r3 Version-
   Arista ≫ 7508r Version-
   Arista ≫ 7508r3 Version-
   Arista ≫ 7512r Version-
   Arista ≫ 7512r3 Version-
   Arista ≫ 7516r Version-
   Arista ≫ 755x Version-
   Arista ≫ 758x Version-
   Arista ≫ 7804r3 Version-
   Arista ≫ 7808r3 Version-
   Arista ≫ 7812r3 Version-
   Arista ≫ 7816r3 Version-

Arista ≫ Eos Version >= 4.27.0 < 4.27.7m

   Arista ≫ 704x3 Version-
   Arista ≫ 7304x Version-
   Arista ≫ 7304x3 Version-
   Arista ≫ 7308x Version-
   Arista ≫ 7316x Version-
   Arista ≫ 7324x Version-
   Arista ≫ 7328x Version-
   Arista ≫ 7504r Version-
   Arista ≫ 7504r3 Version-
   Arista ≫ 7508r Version-
   Arista ≫ 7508r3 Version-
   Arista ≫ 7512r Version-
   Arista ≫ 7512r3 Version-
   Arista ≫ 7516r Version-
   Arista ≫ 755x Version-
   Arista ≫ 758x Version-
   Arista ≫ 7804r3 Version-
   Arista ≫ 7808r3 Version-
   Arista ≫ 7812r3 Version-
   Arista ≫ 7816r3 Version-

Arista ≫ Eos Version >= 4.28.0 < 4.28.4m

   Arista ≫ 704x3 Version-
   Arista ≫ 7304x Version-
   Arista ≫ 7304x3 Version-
   Arista ≫ 7308x Version-
   Arista ≫ 7316x Version-
   Arista ≫ 7324x Version-
   Arista ≫ 7328x Version-
   Arista ≫ 7504r Version-
   Arista ≫ 7504r3 Version-
   Arista ≫ 7508r Version-
   Arista ≫ 7508r3 Version-
   Arista ≫ 7512r Version-
   Arista ≫ 7512r3 Version-
   Arista ≫ 7516r Version-
   Arista ≫ 755x Version-
   Arista ≫ 758x Version-
   Arista ≫ 7804r3 Version-
   Arista ≫ 7808r3 Version-
   Arista ≫ 7812r3 Version-
   Arista ≫ 7816r3 Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.169

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
psirt@arista.com	9.3	2.5	6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://www.arista.com/en/support/advisories-notices/security-advisory/16985-security-advisory-0082

Vendor Advisory

Exploit

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2023-24509

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-24509

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-24509

EUVD