Vulnerabilities > Arista > Cloudvision Portal > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-29071 | Information Exposure Through Log Files vulnerability in Arista Cloudvision Portal This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. | 5.5 |
| 2020-09-22 | CVE-2020-24333 | Unspecified vulnerability in Arista Cloudvision Portal A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API. | 6.5 |
| 2019-12-19 | CVE-2019-18615 | Insufficiently Protected Credentials vulnerability in Arista Cloudvision Portal 2018.2.0/2018.2.3 In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. | 4.9 |
| 2019-08-15 | CVE-2018-12357 | Incorrect Permission Assignment for Critical Resource vulnerability in Arista Cloudvision Portal Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. | 6.5 |