arista networks Arista Eos Vulnerabilities
Arista%20networks Arista Eos vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart.
CVE-2023-24510Arista NetworksArista Eos7.5HIGHOn affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy protocol configured with RPR or SSO, an existing unprivileged user can login to the standby supervisor as a root user, leading t ...
CVE-2023-24509Arista NetworksArista Eos9.3CRITICALTerminAttr streams IPsec sensitive data in clear text to other authorized users in CVP
CVE-2021-28508Arista NetworksArista Eos6.8MEDIUMTerminAttr streams MACsec sensitive data in clear text to other authorized users in CVP
CVE-2021-28509Arista NetworksArista Eos6.1MEDIUMIn Arista's EOS software affected releases, eAPI might skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.
CVE-2021-28503Arista NetworksArista Eos7.4HIGHAn issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA APIโs by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
CVE-2021-28500Arista NetworksArista Eos9.1CRITICALIn Arista's EOS software affected releases, the shared secret profiles sensitive configuration might be leaked when displaying output over eAPI or other JSON outputs to authenticated users on the device.
CVE-2021-28496Arista NetworksArista Eos5.7MEDIUM