vulnerability
security-advisory-0062
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Mar 16, 2021 | Sep 4, 2024 | Jan 14, 2026 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Mar 16, 2021
Added
Sep 4, 2024
Modified
Jan 14, 2026
Description
This advisory documents the impact of a publicly disclosed vulnerability in the Go programming language (maintained by Google), on Arista products. The vulnerability affects features that use TLS connections or client certificate authentication. When exploited, the vulnerability can allow denial of service attacks for the affected features. EOS devices running the affected releases are vulnerable if any of the following features are enabled: TerminAttr, gRIBI, Octa, or OpenConfig. The impact is an agent crash for the affected feature. Arista is not aware of any malicious uses of this issue in customer networks.
Solution
upgrade-solution-cve-2020-28362
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.