Arista CloudVision Portal 2016.1.1

CPE Details

Arista CloudVision Portal 2016.1.1
arista
cloudvision_portal
2016.1.1
2019-08-23
13h52 +00:00
2019-08-23
13h52 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:arista:cloudvision_portal:2016.1.1:*:*:*:*:*:*:*

Informations

Vendor

arista

Product

cloudvision_portal

Version

2016.1.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-24333 2020-09-22 12h50 +00:00 A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.
6.5
Medium
CVE-2020-13881 2020-06-06 16h18 +00:00 In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
7.5
High
CVE-2018-12357 2019-08-15 14h27 +00:00 Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions.
6.5
Medium
CVE-2016-9012 2017-01-23 20h00 +00:00 CloudVision Portal (CVP) before 2016.1.2.1 allows remote authenticated users to gain access to the internal configuration mechanisms via the management plane, related to a request to /web/system/console/bundle.
8.8
High