CVE-2025-2796

MEDIUM Year: 2025
CVSS v3 Score
5.3
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate encrypted packets, which should be dropped under normal anti-replay protection, will instead be forwarded due to this vulnerability. Note: this issue does not affect VXLANSec or MACSec encryption functionality.

Related Vulnerabilities

CVE-2001-1533

MEDIUM
CVSS:5.3(Medium)

Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying ...

NVD-CWE-Other2001

CVE-2013-7446

MEDIUM
CVSS:5.3(Medium)

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted ep...

NVD-CWE-Other2013

CVE-2014-5278

MEDIUM
CVSS:5.3(Medium)

A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.

NVD-CWE-Other2014

CVE-2015-7279

MEDIUM
CVSS:5.3(Medium)

Amped Wireless R10000 devices with firmware 2.5.2.11 use an improper algorithm for selecting the ID value in the header of a DNS query, which makes it easier for remote attackers to spoof responses by...

NVD-CWE-Other2015

CVE-2015-8287

MEDIUM
CVSS:5.3(Medium)

Swann SRNVW-470LCD devices with firmware through 0114 and SWNVW-470CAM devices with firmware through 1022 allow remote attackers to watch live video by visiting an unspecified URL.

NVD-CWE-Other2015