Cloudvision Portal
Approved changes feed: RSS · Atom
cpe:2.3:a:arista_networks:cloudvision_portal:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Arista Networks (a0182fe3-0447-5099-835f-342e87c54952) |
|---|---|
| Product | Cloudvision Portal (eb779f67-0bc9-5f56-9f6b-1f89306be4eb) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-0505 |
vulnerable | 2026-06-03 14:58:32.333941 |
On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state
CRITICAL (10)
On Arista CloudVision systems (virtual or physical on-premise deployments), Zero Touch Provisioning can be used to gain admin privileges on the CloudVision system, with more permissions than necessary, which can be used to query or manipulate system state for devices under management. Note that CloudVision as-a-Service is not affected.
Published: 2025-05-08T18:37:13.981Z
Updated: 2025-05-08T18:56:19.850Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-12378 |
vulnerable | 2026-06-03 14:54:16.252080 |
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
CRITICAL (9.1)
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
Published: 2025-05-08T19:05:22.320Z
Updated: 2025-05-08T19:18:27.314Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-11186 |
vulnerable | 2026-06-03 14:54:13.616642 |
On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem
CRITICAL (10)
On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.
Published: 2025-05-08T18:47:52.859Z
Updated: 2025-05-08T19:01:23.429Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-29071 |
vulnerable | 2026-06-03 14:46:56.581003 |
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vu ...
MEDIUM (4)
This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users.
Published: 2022-08-05T16:47:17.137Z
Updated: 2026-06-02T14:06:37.357Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.