漏洞类别:Local
漏洞等级: 
漏洞信息
Arista has released updates for EOS and CloudVision eXchange which addresses multiple OpenSSL vulnerabilities affecting the products.
漏洞危害
Successful exploitation of the vulnerabilities may cause a denial of service (CVE-2016-6304), potentially decrypt SSL data when 3DES cipher is used (CVE-2016-2183) and recover SSH DSA private keys (CVE-2016-2178)
解决方案
Customers are advised to update EOS version 4.17.2F to fix the vulnerabilites for both EOS and CloudVision eXchange
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论