Description
On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.
Problem types
CWE-287 Improper Authentication
Product status
2024.3.0
2024.2.0
2024.1.0
2023.3
2023.2
2023.1
2022.3
2022.2
2022.1
2021.3
2021.2
2021.1
2020.3
2020.2
2020.1
2019.1
2018.2
2018.1
2017.2
References
www.arista.com/...rity-advisory/21314-security-advisory-0114