arista networks Terminattr Vulnerabilities
Arista%20networks Terminattr vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch.
CVE-2023-24512Arista NetworksTerminattr8.8HIGHTerminAttr streams IPsec sensitive data in clear text to other authorized users in CVP
CVE-2021-28508Arista NetworksArista Eos6.8MEDIUMTerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP
CVE-2021-28509Arista NetworksArista Eos6.1MEDIUMAn issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA APIβs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
CVE-2021-28501Arista NetworksTerminattr9.1CRITICAL