An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HArista Eos
OSArista< 4.204.21.0 – 4.21.14m4.22.0 – 4.22.11m4.23.0 – 4.23.8m4.24.6.0 – 4.24.6m4.25.0 – 4.25.4m4.26.0 – 4.26.1f
Related vulnerabilities
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the...
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variab...
On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having th...
An issue has recently been discovered in Arista EOS where certain gNOI APIs incorrectly skip authorization and...
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short...