CVEbuzz logo
This website displays data collected from external sources, and is not responsible for any aspect of it. Read more...

Security / vulnerability advisories for Arista C-230 Firmware

Titles listed in dictionary

CPE for product: cpe:2.3:o:arista:c-230_firmware:-:*:*:*:*:*:*:*

Showing 1-3 of 3
Medium damage 5.3
Difficult to exploit
(other affected products) Published: Tue May 11 20:15:00 2021 UTC. Last Modified: Mon Dec 6 13:45:00 2021 UTC
CPE matches: cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:* && versionEndExcluding=10.0.1-31

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. Note that WEP is vulnerable to this attack by design.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N (CVSSv3)

Type of bug(s)

References

Medium damage 6.5
Easy to exploit
(other affected products) Published: Tue May 11 20:15:00 2021 UTC. Last Modified: Sat Dec 4 01:48:00 2021 UTC
CPE matches: cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:* && versionEndExcluding=10.0.1-31

Description

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext A-MSDU frames as long as the first 8 bytes correspond to a valid RFC1042 (i.e., LLC/SNAP) header for EAPOL. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N (CVSSv3)

Type of bug(s)

References

Low damage 3.5
Medium difficulty to exploit
(other affected products) Published: Tue May 11 20:15:00 2021 UTC. Last Modified: Fri Dec 3 02:21:00 2021 UTC
CPE matches: cpe:2.3:o:arista:c-230_firmware:*:*:*:*:*:*:*:* && versionEndExcluding=10.0.1-31

Description

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N (CVSSv3)

References