CVE-2026-2379
5.9 MEDIUMOn affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected beha...
Published: 2026-06-05 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 5.9 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-672
Description
On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulting in sequence number mismatches between tunnel endpoints potentially causing unstable communication.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-33463 — Operation on a Resource after Expiration or Termination (CWE-672) in Kibana can lead to unauthorized information disclosure (5.3 MEDIUM)
- CVE-2026-42791 — Improper Certificate Validation vulnerability in Erlang OTP public_key (pubkey_ocsp module) allows forged OCSP responses signed with an e... (3.7 LOW)
- CVE-2026-33278 — NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service a... (9.8 CRITICAL)
- CVE-2026-32244 — Discourse is an open-source discussion platform (5.3 MEDIUM)
- CVE-2026-4053 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13 fail to enforce the PostEditTimeLimit on non-message post fields which allows a... (3.1 LOW)