CVE-2021-28497

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, the bash shell might be accessible to unprivileged users in situations where they should not have access. This issue affects: Arista Metamako Operating System All releases in...

CVE-2021-28499

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in...

EUVD-2021-15169

Malware in sbrugna...

EUVD-2021-15174

Malware in sbrugna...

EUVD-2021-15171

Malware in sbrugna...

EUVD-2023-28563

Malicious code in bioql PyPI...

CVE-2021-28493

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, under certain conditions, a user may be able to execute commands despite not having the privileges to do so. This issue affects: Arista Metamako Operating System All releases in the MOS-0.1x train...

CVE-2021-28498

In Arista's MOS Metamako Operating System software which is supported on the 7130 product line, user enable passwords set in clear text could result in unprivileged users getting complete access to the systems. This issue affects: Arista Metamako Operating System MOS-0.13 and post releases in the...

Oracle Critical Patch Update Advisory - October 2024

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

Oracle Critical Patch Update Advisory - April 2024

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches add...

CVE-2023-6068

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some...

Design/Logic Flaw

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some...

CVE-2023-6068 On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some

On affected 7130 Series FPGA platforms running MOS and recent versions of the MultiAccess FPGA, application of ACL’s may result in incorrect operation of the configured ACL for a port resulting in some packets that should be denied being permitted and some...

CVE-2023-6068

CVE-2023-6068 affects Arista MOS-based 7130 Series FPGA devices running MultiAccess FPGA software version 1.7.1 or 1.6.x. The issue is that applying ACLs may cause incorrect ACL operation on a port, allowing some packets that should be denied and denying some that should be allowed. Arista provid...

Security Advisory 0091

Security Advisory 0091 . CSAF PDF Date: February 20, 2024 Revision | Date | Changes ---|---|--- 1.0 | February 20, 2024 | Initial release The CVE-ID tracking this issue: CVE-2023-6068 CVSSv3.1 Base Score: 3.1 AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N Common Weakness Enumeration: CWE-283 Improper Access...

CVE-2023-24547

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config...

CVE-2023-24547

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config...

CVE-2023-24547 On Arista MOS configuration of a BGP password will cause the password to be logged in clear text.

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config...

CVE-2023-24547 On Arista MOS configuration of a BGP password will cause the password to be logged in clear text.

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config...

CVE-2023-24547

Summary: CVE-2023-24547 affects Arista MOS where a BGP password configured in plain text is logged in clear text in local and remote logs and in the running config. What’s affected: Arista MOS versions (MOS-0.13.0 onward per advisory) on affected platforms, notably Arista 7130 MOS and certain Met...