Cloudvision Portal Security Vulnerabilities and Issues — Cloudvision Portal CVE List

Lucene search

AristaCloudvision Portal

4 matches found

CVE•added 2019/10/24 10:15 p.m.•253 views

CVE-2019-17596

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

7.5CVSS7.3AI score0.04061EPSS

CVE•added 2019/12/19 7:15 p.m.•66 views

CVE-2019-18181

In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only acc...

7.8CVSS7.5AI score0.00044EPSS

CVE•added 2019/12/19 5:15 p.m.•52 views

CVE-2019-18615

In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which a...

4.9CVSS5.1AI score0.00106EPSS

CVE•added 2019/08/15 5:15 p.m.•37 views

CVE-2018-12357

Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions.

6.5CVSS6.5AI score0.00141EPSS