Security Advisory 0086

Arista Networks Security Advisory

Date: April 25, 2023
 
 

Revision
Date
Changes

1.0
April 25, 2023
Initial release

The CVE-ID tracking this issue: CVE-2023-24512 CVSSv3.1 Base Score: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) Common Weakness Enumeration: CWE-284 Improper Access Control This vulnerability is being tracked by BUG751697
Description
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to upda …

READ MORE