Arista 2023

mailsanjayhere · mailsanjayhere · commit efe7a0bc9964 · 2025-06-02T17:19:10.000Z
diff --git a/CVEasy/Arista/2023/cve202324513.py b/CVEasy/Arista/2023/cve202324513.py
@@ -53,7 +53,8 @@ def rule_cve202324513(configuration, commands, device, devices):
     # Assert that the device is not vulnerable
     assert not is_vulnerable, (
         f"Device {device.name} is vulnerable to CVE-2023-24513. "
-        "The device is running a vulnerable version on CloudEOS platform with Software Forwarding Engine (SFE) enabled, "
+        "The device is running a vulnerable version on CloudEOS platform with "
+        "Software Forwarding Engine (SFE) enabled, "
         "which could allow malformed packets to cause buffer leaks and stop traffic forwarding. "
         "Recommended fixes:\n"
         "- Upgrade to one of the following fixed versions:\n"
diff --git a/CVEasy/Arista/2023/cve202324545.py b/CVEasy/Arista/2023/cve202324545.py
@@ -53,7 +53,8 @@ def rule_cve202324545(configuration, commands, device, devices):
     # Assert that the device is not vulnerable
     assert not is_vulnerable, (
         f"Device {device.name} is vulnerable to CVE-2023-24545. "
-        "The device is running a vulnerable version on CloudEOS platform with Software Forwarding Engine (SFE) enabled, "
+        "The device is running a vulnerable version on CloudEOS platform with "
+        "Software Forwarding Engine (SFE) enabled, "
         "which could allow malformed packets to cause buffer leaks and stop traffic forwarding. "
         "Recommended fixes:\n"
         "- Upgrade to one of the following fixed versions:\n"
diff --git a/CVEasy/Arista/2023/cve202324547.py b/CVEasy/Arista/2023/cve202324547.py
@@ -38,7 +38,7 @@ def rule_cve202324547(configuration, commands, device, devices):
 
     # Check BGP configuration for plaintext passwords
     bgp_config = commands.show_bgp_config
-    
+
     # Look for BGP neighbor password configurations without type 7 encryption
     has_plaintext_password = False
     for line in bgp_config.splitlines():
diff --git a/CVEasy/Arista/2023/cve202324548.py b/CVEasy/Arista/2023/cve202324548.py
@@ -51,7 +51,6 @@ def rule_cve202324548(configuration, commands, device, devices):
 
     # Check if VXLAN VNIs are routable
     vxlan_vni = commands.show_vxlan_vni
-    vlan_info = commands.show_vlan
     ip_interfaces = commands.show_ip_interface
 
     # Look for routable VNIs (either VLAN interfaces or VRF-mapped)
diff --git a/CVEasy/Arista/2023/cve20233646.py b/CVEasy/Arista/2023/cve20233646.py
@@ -7,7 +7,6 @@
     commands=dict(
         show_version='show version',
         show_monitor='show monitor session',
-        show_config='show running-config | section monitor'
     ),
 )
 def rule_cve20233646(configuration, commands, device, devices):
@@ -36,7 +35,6 @@ def rule_cve20233646(configuration, commands, device, devices):
 
     # Check for multiple destination ports in monitor sessions
     monitor_output = commands.show_monitor
-    config_output = commands.show_config
 
     # Check if any monitor session has multiple destinations configured
     multiple_destinations = False
