CVE-2023-24546
published 2023-06-13CVE-2023-24546: On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with…
PriorityP349high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
EPSS
0.47%
37.4th percentile
On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could enable a malicious actor with network access to CloudVision to get broader access to telemetry and configuration data within the system than intended. This advisory impacts the Arista CloudVision Portal product when run on-premise. It does not impact CloudVision as-a-Service.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arista | cloudvision_portal | — | — |
| arista | cloudvision_portal | — | — |
| arista | cloudvision_portal | — | — |
| arista | cloudvision_portal | — | — |
| arista | cloudvision_portal | — | — |
| arista | cloudvision_portal | — | — |
| arista | cloudvision_portal | 2021.1 – 2021.3 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-06-13
Published