4 matches found
CVE-2025-3456
On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protoc...
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices and possibly other products allow attackers to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue relating to an overly...
CVE-2020-9015
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices and possibly other products allow attackers to bypass intended TACACS+ shell restrictions via a | character. NOTE: the vendor reports that this is a configuration issue relating to an overly...
PT-2019-3016 · Google +10 · Golang.Org/X/Net/Http2 +11
Name of the Vulnerable Software and Affected Versions: HTTP/2 implementations affected versions not specified golang.org/x/net/http2 affected versions not specified Arista’s EOS affected versions not specified Arista’s CloudVision Portal affected versions not specified Access Points with OpenConf...