Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
Podatności dla
'EOS'
2022-02-04
CVE-2021-28503
CWE-287
The impact of this vulnerability is that Arista's EOS eAPI may skip re-evaluating user credentials when certificate based authentication is used, which allows remote attackers to access the device via eAPI.
2022-01-14
CVE-2021-28500
CWE-863
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API�??s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
2021-10-21
CVE-2021-28496
CWE-311
On systems running Arista EOS and CloudEOS with the affected release version, when using shared secret profiles the password configured for use by BiDirectional Forwarding Detection (BFD) will be leaked when displaying output over eAPI or other JSON outputs to other authenticated users on the device. The affected EOS Versions are: all releases in 4.22.x train, 4.23.9 and below releases in the 4.23.x train, 4.24.7 and below releases in the 4.24.x train, 4.25.4 and below releases in the 4.25.x train, 4.26.1 and below releases in the 4.26.x train
2020-10-26
CVE-2020-15897
NVD-CWE-noinfo
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.
2019-08-15
CVE-2018-14008
CWE-287
Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled.
2015-11-19
CVE-2015-8236
Arista EOS before 4.11.12, 4.12 before 4.12.11, 4.13 before 4.13.14M, 4.14 before 4.14.5FX.5, and 4.15 before 4.15.0FX1.1 allows remote attackers to execute arbitrary code as root by leveraging management-plane access, aka Bug 138716.
>>>
Vendor:
Arista
7
Produkty
EOS
Dcs-7050t eos software
Dcs-7050q eos software
Dcs-7050s eos software
Cloudvision portal
Cloudvision exchange
Terminattr
Copyright
2024
, cxsecurity.com
Back to Top