{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12378", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "state": "PUBLISHED", "assignerShortName": "Arista", "dateReserved": "2024-12-09T18:19:27.219Z", "datePublished": "2025-05-08T19:05:22.320Z", "dateUpdated": "2025-05-08T19:18:27.314Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CloudVision Portal", "vendor": "Arista Networks", "versions": [{"lessThanOrEqual": "4.32.2F", "status": "affected", "version": "4.32.0", "versionType": "custom"}, {"lessThanOrEqual": "4.31.6M", "status": "affected", "version": "4.31.0", "versionType": "custom"}, {"lessThanOrEqual": "4.30.8M", "status": "affected", "version": "4.30.0", "versionType": "custom"}, {"lessThanOrEqual": "4.29.9M", "status": "affected", "version": "4.29.0", "versionType": "custom"}, {"lessThanOrEqual": "4.28.12M", "status": "affected", "version": "4.28.0", "versionType": "custom"}, {"lessThanOrEqual": "4.27.12M", "status": "affected", "version": "4.27.0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>In order to be vulnerable to CVE-2024-12378, the following condition must be met:</p><p>Secure Vxlan must be configured.</p><p>The output of \u201cshow ip security connection\u201d is empty if Secure Vxlan isn\u2019t configured.</p><pre>switch> show ip security connection\nLegend: (P) policy based VPN tunnel\nTunnel Source Dest Status Uptime Input Output Rekey Time\nvxlansec-default-1.0.2.1 1.0.1.1 1.0.2.1 <b>Established</b> 19 minutes 0 bytes 152 bytes 24 minutes\n 0 pkts 2 pkts\n</pre><div> </div><p>A normal encrypted connection will show the status as \u201cestablished\u201d.</p><br>"}], "value": "In order to be vulnerable to CVE-2024-12378, the following condition must be met:\n\nSecure Vxlan must be configured.\n\nThe output of \u201cshow ip security connection\u201d is empty if 
Secure Vxlan isn\u2019t configured.\n\nswitch> show ip security connection\nLegend: (P) policy based VPN tunnel\nTunnel \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 Source \u00a0 \u00a0 Dest \u00a0 \u00a0 \u00a0 \u00a0Status \u00a0 \u00a0 \u00a0 Uptime \u00a0 \u00a0 Input \u00a0 \u00a0Output \u00a0 \u00a0 Rekey Time\nvxlansec-default-1.0.2.1 1.0.1.1 \u00a0 1.0.2.1 \u00a0 Established\u00a0 19 minutes 0 bytes \u00a0152 bytes \u00a024 minutes\n\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 0 pkts \u00a0 \u00a02 pkts\n\n\n\u00a0\n\nA normal encrypted connection will show the status as \u201cestablished\u201d."}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear."}], "value": "On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear."}], "impacts": [{"capecId": "CAPEC-679", "descriptions": [{"lang": "en", "value": "CAPEC-679 Exploitation of Improperly Configured or Implemented Memory Protections"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-319", "description": "CWE-319 
Cleartext Transmission of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-05-08T19:05:22.320Z"}, "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21289-security-advisory-0113"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades\">EOS User Manual: Upgrades and Downgrades</a></p><div> </div><div>CVE-2024-12378 has been fixed in the following releases:</div><ul><li>4.33.0F and later releases in the 4.33.x train</li><li>4.32.3M and later releases in the 4.32.x train</li><li>4.31.7M and later releases in the 4.31.x train</li><li>4.30.9M and later releases in the 4.30.x train</li><li>4.29.10M and later releases in the 4.29.x train</li></ul><br>"}], "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. 
For more information about upgrading see EOS User Manual: Upgrades and Downgrades https://www.arista.com/en/um-eos/eos-upgrades-and-downgrades \n\n\u00a0\n\nCVE-2024-12378 has been fixed in the following releases:\n\n * 4.33.0F and later releases in the 4.33.x train\n * 4.32.3M and later releases in the 4.32.x train\n * 4.31.7M and later releases in the 4.31.x train\n * 4.30.9M and later releases in the 4.30.x train\n * 4.29.10M and later releases in the 4.29.x train"}], "source": {"advisory": "113", "defect": ["BUG 997526"], "discovery": "INTERNAL"}, "title": "On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The workaround is to remove and re-apply security profiles for each secure VTEP.</p><pre>switch> show vxlan security profile\nVTEP Security Profile\n------------- ----------------\n1.0.2.1 p1\nswitch> en\nswitch# config\nswitch(config)# interface vxlan 1\nswitch(config-if-Vx1)# no vxlan vtep 1.0.2.1 ip security profile p1\nswitch(config-if-Vx1)# vxlan vtep 1.0.2.1 ip security profile p1</pre><br>"}], "value": "The workaround is to remove and re-apply security profiles for each secure VTEP.\n\nswitch> show vxlan security profile\nVTEP \u00a0 \u00a0 \u00a0 \u00a0 Security Profile\n------------- ----------------\n1.0.2.1 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 p1\nswitch> en\nswitch# config\nswitch(config)# interface vxlan 1\nswitch(config-if-Vx1)# no vxlan vtep 1.0.2.1 ip security profile p1\nswitch(config-if-Vx1)# vxlan vtep 1.0.2.1 ip security profile p1"}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T19:16:38.893940Z", "id": "CVE-2024-12378", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, 
{"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T19:18:27.314Z"}}]}}