5.3

CVE-2025-2796

EPSS 0.15%
Veröffentlicht 27.05.2025 22:16:53
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle psirt@arista.com
CVE-Watchlists
Login
Unerledigt
Login

On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal

On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be forwarded due to this vulnerability.

Note: this issue does not affect VXLANSec or MACSec encryption functionality.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 4

CNA 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerArista Networks

≫

Produkt EOS

Default Statusunaffected

Version <= 4.33.2F

Version 4.33.0

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.15%	0.353

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@arista.com	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.arista.com/en/support/advisories-notices/security-advisory/21413-security-advisory-0119

https://nvd.nist.gov/vuln/detail/CVE-2025-2796

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-2796

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-2796

EUVD