Terminattr
Approved changes feed: RSS · Atom
cpe:2.3:a:arista_networks:terminattr:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Arista Networks (a0182fe3-0447-5099-835f-342e87c54952) |
|---|---|
| Product | Terminattr (afc60b9a-4bc4-5c22-b900-44827060b90d) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-24512 |
vulnerable | 2026-06-03 14:49:29.999422 |
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch.
HIGH (8.8)
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision
Published: 2023-04-25T00:00:00.000Z
Updated: 2025-02-03T19:15:59.467Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-28501 |
vulnerable | 2026-06-03 14:44:18.360763 |
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
CRITICAL (9.1)
An issue has recently been discovered in Arista EOS where the incorrect use of EOS's AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
Published: 2022-01-14T19:04:48.898Z
Updated: 2024-09-17T03:43:50.014Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.