Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arista vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2020-24360
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M...
Arista Eos
7.5
CVSSv3
CVE-2023-3646
On affected platforms running Arista EOS with mirroring to multiple destinations configured, an internal system error may trigger a kernel panic and cause system reload.
Arista Eos
5.9
CVSSv3
CVE-2020-26569
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in traffic being discarded on the receiving VLAN. This affects versions: 4.21.12M a...
Arista Eos
7.5
CVSSv3
CVE-2018-5254
Arista EOS prior to 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.
Arista Eos
6.5
CVSSv3
CVE-2018-14008
Arista EOS up to and including 4.21.0F allows a crash because 802.1x authentication is mishandled.
Arista Eos
4.9
CVSSv3
CVE-2019-18615
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mod...
Arista Cloudvision Portal
7.8
CVSSv3
CVE-2019-18181
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users...
Arista Cloudvision Portal
8.8
CVSSv3
CVE-2016-9012
CloudVision Portal (CVP) prior to 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle.
Arista Cloudvision Portal
6.5
CVSSv3
CVE-2018-12357
Arista CloudVision Portal up to and including 2018.1.1 has Incorrect Permissions.
Arista Cloudvision Portal
5.5
CVSSv3
CVE-2022-29071
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP us...
Arista Cloudvision Portal
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »