CVE-2021-28496

On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection BFD will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the devic...

CVE-2021-28496 In Arista's EOS software affected releases, the shared secret profiles sensitive configuration might be leaked when displaying output over eAPI or other JSON outputs to authenticated users on the device.

On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection BFD will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the devic...

CVE-2021-28496

CVE-2021-28496 affects Arista EOS and CloudEOS: when using shared secret profiles, the password used for BiDirection Forwarding Detection (BFD) can be leaked through eAPI/JSON outputs to other authenticated users. Affected EOS trains include all 4.22.x, 4.23.x up to 4.23.9, 4.24.x up to 4.24.7, 4...

Security Advisory 0069

Security Advisory 0069 . CSAF PDF Date: October 19th, 2021 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | October 19th, 2021 | Initial Release Security Advisory 0069 The CVE-ID tracking this issue: CVE-2021-28496 CVSSv3.1 Base Score: 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H...