CVE-2024-9135 — MEDIUM (5.3)

Vulnerability Description

On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

LOW

Related Weaknesses (CWE)

CWE-401

References

https://www.arista.com/en/support/advisories-notices/security-advisory/21092-sec

FAQ

What is CVE-2024-9135?

CVE-2024-9135 is a vulnerability with a CVSS score of 5.3 (MEDIUM). On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flap...

How severe is CVE-2024-9135?

CVE-2024-9135 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-9135?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.