Arista EOS Cleartext Transmission Vulnerability in Secure VxLAN Tunnels

Vulnerability

A vulnerability exists in Arista EOS platforms with secure VxLAN configured. Restarting the Tunnelsec agent can cause packets to be transmitted unencrypted over the secure VxLAN tunnels. This issue affects several EOS versions and is present on specific Arista EOS-based products.

Impact

Exploitation of this vulnerability leads to the cleartext transmission of sensitive information over secure VxLAN tunnels, potentially allowing for interception and analysis of the transmitted data.

Remediation

Users are advised to upgrade to Arista EOS versions 4.33.0F, 4.32.3M, 4.31.7M, 4.30.9M, or 4.29.10M. For more information on upgrading, consult the EOS User Manual: Upgrades and Downgrades.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 0.6
exploitability: 7.0
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.