Arista

Terminattr

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-28508

Exploit
  • EPSS 0.15%
  • Veröffentlicht 26.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:59:48

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might lea...

6.1

CVE-2021-28509

Exploit
  • EPSS 0.14%
  • Veröffentlicht 26.05.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:59:48

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might lea...

7.8

CVE-2021-28501

Exploit
  • EPSS 0.14%
  • Veröffentlicht 14.01.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 05:59:47

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.

7.5

CVE-2019-17596

Exploit
  • EPSS 2.34%
  • Veröffentlicht 24.10.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:36

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.