3 matches found
CVE-2021-28508
CVE-2021-28508 affects Arista EOS with TerminAttr and OpenConfig transport enabled. Under certain conditions TerminAttr or Octa may leak IPsec data in clear text to CloudVision/gNMI authorized users, allowing potential decryption/modification of IPsec traffic. Affected EOS versions when Octa is i...
CVE-2021-28508 TerminAttr streams IPsec sensitive data in clear text to other authorized users in CVP
This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to...
Security Advisory 0077
Security Advisory 0077 . CSAF PDF Date: May 27th, 2022 Revision | Date | Changes ---|---|--- 1.1 | May 27th 2022 | Update the CVE impact of Octa 1.0 | May 25th 2022 | Initial release CVE-2021-28508 CVSSv3.1 Base Score: 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H CWE: CWE-255 Credentials...