PT-2021-3540 · Arista+6 · Arista Eos+6
Published
2021-01-19
·
Updated
2024-06-15
·
CVE-2020-25684
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Dnsmasq (affected versions not specified)
Arista EOS software (affected versions not specified)
Description
The issue is related to errors in the implementation of security checks for standard elements in the Dnsmasq DNS server's reply query() function. This can be exploited by a remote attacker to compromise the integrity of protected information. Additionally, various issues with Dnsmasq may result in the DNS cache being poisoned by a malicious attacker, causing other clients querying the EOS switch as a DNS server to receive invalid DNS records. This issue requires a specific configuration to be set in EOS to allow using the EOS switch as a DNS server.
Recommendations
For Dnsmasq, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
For Arista EOS software, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improperly Implemented Security Check for Standard
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Arista Eos
Centos
Linuxmint
Red Hat
Suse
Ubuntu