Arista

Terminattr

4 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-28508

Exploit
  • EPSS 0.15%
  • Published 26.05.2022 20:15:08
  • Last modified 21.11.2024 05:59:48

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might lea...

6.1

CVE-2021-28509

Exploit
  • EPSS 0.14%
  • Published 26.05.2022 20:15:08
  • Last modified 21.11.2024 05:59:48

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might lea...

7.8

CVE-2021-28501

Exploit
  • EPSS 0.14%
  • Published 14.01.2022 20:15:10
  • Last modified 21.11.2024 05:59:47

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

7.5

CVE-2019-17596

Exploit
  • EPSS 2.34%
  • Published 24.10.2019 22:15:10
  • Last modified 21.11.2024 04:32:36

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.