Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arista vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2019-18615
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mod...
Arista Cloudvision Portal
8.8
CVSSv3
CVE-2016-9012
CloudVision Portal (CVP) prior to 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle.
Arista Cloudvision Portal
6.5
CVSSv3
CVE-2018-12357
Arista CloudVision Portal up to and including 2018.1.1 has Incorrect Permissions.
Arista Cloudvision Portal
7.8
CVSSv3
CVE-2019-18181
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users...
Arista Cloudvision Portal
5.5
CVSSv3
CVE-2022-29071
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP us...
Arista Cloudvision Portal
6.5
CVSSv3
CVE-2020-24333
A vulnerability in Arista’s CloudVision Portal (CVP) before 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.
Arista Cloudvision Portal
5.5
CVSSv3
CVE-2021-28499
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1...
Arista Metamako Operating System
8.8
CVSSv3
CVE-2021-28494
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, authentication is bypassed by unprivileged users who are accessing the Web UI. This issue affects: Arista Metamako Operating System MOS-0.34.0 and prio...
Arista Metamako Operating System
7.8
CVSSv3
CVE-2021-28493
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in...
Arista Metamako Operating System
9.8
CVSSv3
CVE-2021-28495
In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, under certain conditions, user authentication can be bypassed when API access is enabled via the JSON-RPC APIs. This issue affects: Arista Metamako Operating System All releases...
Arista Metamako Operating System
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »