CVE-2021-28499

🗓️ 09 Sep 2021 12:38:50Reported by AristaType

Arista MOS software exposes user passwords in clear tex

Reporter	Title	Published	Views	Family All 11
Arista	Security Advisory 0064	20 Aug 202100:00	–	arista
Circl	CVE-2021-28499	9 Sep 202116:29	–	circl
CNNVD	Arista Networks MOS 加密问题漏洞	9 Sep 202100:00	–	cnnvd
CNVD	Arista Networks MOS Encryption Issue Vulnerability	14 Sep 202100:00	–	cnvd
CVE	CVE-2021-28499	9 Sep 202112:38	–	cve
EUVD	EUVD-2021-15175	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Arista MOS on 7130 switches	23 Aug 202100:00	–	ncsc
NVD	CVE-2021-28499	9 Sep 202113:15	–	nvd
OSV	CVE-2021-28499	9 Sep 202113:15	–	osv
Prion	Default credentials	9 Sep 202113:15	–	prion

[
  {
    "platforms": [
      "Arista 7130 Systems running MOS"
    ],
    "product": "Metamako Operating System",
    "vendor": "Arista",
    "versions": [
      {
        "lessThan": "MOS-0.18*",
        "status": "affected",
        "version": "MOS-0.18",
        "versionType": "custom"
      },
      {
        "lessThan": "MOS-0.32.0",
        "status": "affected",
        "version": "MOS-0.32.0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
arista	www.arista.com/en/support/advisories-notices/security-advisories/12912-security-advisory-64

09 Sep 2021 12:38Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.16.3

EPSS0.00198

CWE-255