Vulnerabilities > Arista > Cloudvision Portal > 2019.1.0

DATE CVE VULNERABILITY TITLE RISK
2020-09-22 CVE-2020-24333 Unspecified vulnerability in Arista Cloudvision Portal
A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.
network
low complexity
arista
6.5
2020-06-06 CVE-2020-13881 Information Exposure Through Log Files vulnerability in multiple products
In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used.
7.5
2019-10-24 CVE-2019-17596 Interpretation Conflict vulnerability in multiple products
Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key.
7.5