Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arista vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-17355
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.
Arista Eos
7.5
CVSSv3
CVE-2018-5254
Arista EOS prior to 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.
Arista Eos
6.5
CVSSv3
CVE-2018-5255
The Mlag agent in Arista EOS 4.19 prior to 4.19.4M and 4.20 prior to 4.20.2F allows remote malicious users to cause a denial of service (agent restart) via crafted UDP packets.
Arista Eos
7.4
CVSSv3
CVE-2020-24360
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M...
Arista Eos
7.5
CVSSv3
CVE-2020-15897
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.
Arista Eos
5.5
CVSSv3
CVE-2022-29071
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP us...
Arista Cloudvision Portal
4.9
CVSSv3
CVE-2019-18615
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mod...
Arista Cloudvision Portal
8.8
CVSSv3
CVE-2016-9012
CloudVision Portal (CVP) prior to 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle.
Arista Cloudvision Portal
6.5
CVSSv3
CVE-2018-12357
Arista CloudVision Portal up to and including 2018.1.1 has Incorrect Permissions.
Arista Cloudvision Portal
7.5
CVSSv3
CVE-2020-13100
Arista’s CloudVision eXchange (CVX) server prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plan...
Arista Cloudvision Exchange
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »