Latest arista terminattr Vulnerabilities

● CVE-2021-28509

This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is...

Arista Terminattr<1.10.11

Arista Terminattr>=1.11.0<1.16.8

Arista Terminattr>=1.17.0<1.19.2

Arista EOS>=4.23<=4.23.11

Arista EOS>=4.24<4.24.10

Arista EOS>=4.25<4.25.8

and 45 more

● CVE-2021-28508

Arista Terminattr<1.10.11

Arista Terminattr>=1.11.0<1.16.8

Arista Terminattr>=1.17.0<1.19.0

Arista EOS>=4.23<=4.23.11

Arista EOS>=4.24<4.24.10

Arista EOS>=4.25<4.25.8

and 45 more

● CVE-2021-28501

An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users...

Arista Terminattr<=1.16.2

● CVE-2019-17596

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client t...

Golang Go>=1.12<1.12.11

Golang Go>=1.13<1.13.2

Debian Debian Linux=9.0

Debian Debian Linux=10.0

Fedoraproject Fedora=30

Fedoraproject Fedora=31

and 15 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.