Vulnerabilities > Arista > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2022-05-26	CVE-2021-28509	Cleartext Transmission of Sensitive Information vulnerability in Arista EOS and Terminattr This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. network high complexity arista CWE-319	3.6
2022-05-26	CVE-2021-28508	Cleartext Transmission of Sensitive Information vulnerability in Arista EOS and Terminattr This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. network high complexity arista CWE-319	3.6
2021-09-09	CVE-2021-28499	Insufficiently Protected Credentials vulnerability in Arista Metamako Operating System In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. local low complexity arista CWE-522	2.1
2021-05-11	CVE-2020-26147	An issue was discovered in the Linux kernel 5.8.9. high complexity linux debian arista siemens	3.2
2021-05-11	CVE-2020-26146	Improper Input Validation vulnerability in multiple products An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. samsung arista siemens CWE-20	2.9
2021-05-11	CVE-2020-26144	Improper Input Validation vulnerability in multiple products An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. low complexity samsung arista siemens CWE-20	3.3
2021-05-11	CVE-2020-26143	Improper Input Validation vulnerability in multiple products An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. low complexity alfa arista siemens CWE-20	3.3
2021-05-11	CVE-2020-26140	An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. low complexity alfa siemens arista cisco intel	3.3
2021-05-11	CVE-2020-24588	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. low complexity ieee linux microsoft debian siemens arista cisco intel CWE-327	3.5
2021-05-11	CVE-2020-24587	Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. high complexity ieee linux debian arista cisco intel CWE-327	1.8