Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arista vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-5255
The Mlag agent in Arista EOS 4.19 prior to 4.19.4M and 4.20 prior to 4.20.2F allows remote malicious users to cause a denial of service (agent restart) via crafted UDP packets.
Arista Eos
445
VMScore
CVE-2020-15897
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.
Arista Eos
383
VMScore
CVE-2020-17355
Arista EOS prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.
Arista Eos
294
VMScore
CVE-2018-14008
Arista EOS up to and including 4.21.0F allows a crash because 802.1x authentication is mishandled.
Arista Eos
NA
CVE-2023-24547
On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running conf...
Arista Mos
445
VMScore
CVE-2020-13100
Arista’s CloudVision eXchange (CVX) server prior to 4.21.12M, 4.22.x prior to 4.22.7M, 4.23.x prior to 4.23.5M, and 4.24.x prior to 4.24.2F allows remote malicious users to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plan...
Arista Cloudvision Exchange
356
VMScore
CVE-2020-24333
A vulnerability in Arista’s CloudVision Portal (CVP) before 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.
Arista Cloudvision Portal
NA
CVE-2022-29071
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP us...
Arista Cloudvision Portal
312
VMScore
CVE-2019-18615
In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mod...
Arista Cloudvision Portal
409
VMScore
CVE-2019-18181
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users...
Arista Cloudvision Portal
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »