Vulnerabilities > Arista > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-23 | CVE-2015-5278 | Infinite Loop vulnerability in multiple products The ne2000_receive function in hw/net/ne2000.c in QEMU before 2.4.0.1 allows attackers to cause a denial of service (infinite loop and instance crash) or possibly execute arbitrary code via vectors related to receiving packets. | 6.5 |
| 2020-01-23 | CVE-2015-5239 | Infinite Loop vulnerability in multiple products Integer overflow in the VNC display driver in QEMU before 2.1.0 allows attachers to cause a denial of service (process crash) via a CLIENT_CUT_TEXT message, which triggers an infinite loop. | 6.5 |
| 2019-12-19 | CVE-2019-18615 | Insufficiently Protected Credentials vulnerability in Arista Cloudvision Portal 2018.2.0/2018.2.3 In CloudVision Portal (CVP) for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. | 4.9 |
| 2019-10-10 | CVE-2019-14810 | Race Condition vulnerability in Arista Extensible Operating System A vulnerability has been found in the implementation of the Label Distribution Protocol (LDP) protocol in EOS. | 5.9 |
| 2019-08-15 | CVE-2018-14008 | Improper Authentication vulnerability in Arista EOS Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled. | 6.5 |
| 2019-08-15 | CVE-2018-12357 | Incorrect Permission Assignment for Critical Resource vulnerability in Arista Cloudvision Portal Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. | 6.5 |
| 2018-03-05 | CVE-2018-5255 | Unspecified vulnerability in Arista EOS The Mlag agent in Arista EOS 4.19 before 4.19.4M and 4.20 before 4.20.2F allows remote attackers to cause a denial of service (agent restart) via crafted UDP packets. | 6.5 |