Vulnerability CVE-2020-9015
Published: 2020-02-20   Modified: 2020-02-21

Description:
Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devices allow attackers to bypass intended TACACS+ shell restrictions via a | character.

See advisories in our WLB2 database:
Topic
Author
Date
High
Arista Restricted Shell Escape / Privilege Escalation
Chris Anders
17.06.2020

Type:

CWE-264

 (Permissions, Privileges, and Access Controls)

 References:
https://securitybytes.me
https://securitybytes.me/posts/cve-2020-9015/
Copyright 2024, cxsecurity.com

 

Back to Top