3 matches found
CVE-2019-18181
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only...
CVE-2019-18181
Arista CloudVision Portal is affected in all releases of the 2018.1 and 2018.2 code trains. The issue allows users with read-only permissions to bypass restrictions for certain functionality via CVP API calls through the Configlet Builder modules, potentially letting authenticated read-only users...
Security Advisory 0044
Security Advisory 0044 PDF Date: December 4th, 2019 Version: 1.0 Revision | Date | Changes ---|---|--- 1.0 | December 4, 2019 | Initial Release The CVE-ID tracking this issue is: CVE-2019-18181 CVSSv3 Base Score: 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N Description: This advisory document...