CVE-2015-8236 — HIGH (10.0)

Q: How severe is CVE-2015-8236?

CVE-2015-8236 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-8236?

Check the references section above for vendor advisories and patch information. Affected products include: Arista Eos.

Vulnerability Description

Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Arista	Eos	<= 4.11.11

Related Weaknesses (CWE)

CWE-264

References

https://www.arista.com/support/advisories-notices/security-advisories/1221-securVendor Advisory
https://www.arista.com/support/advisories-notices/security-advisories/1221-securVendor Advisory

FAQ

What is CVE-2015-8236?

CVE-2015-8236 is a vulnerability with a CVSS score of 10.0 (HIGH). Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging manage...

How severe is CVE-2015-8236?

CVE-2015-8236 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-8236?

Check the references section above for vendor advisories and patch information. Affected products include: Arista Eos.