CVE-2024-11186
published 2025-05-08CVE-2024-11186: On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS…
PriorityP260critical10CVSS 3.1
AVNACLPRNUINSCCHIHAH
EPSS
0.64%
46.1th percentile
On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | — | — |
| arista_networks | cloudvision_portal | 2024.1.0 – 2024.1.2 | — |
| arista_networks | cloudvision_portal | 2024.2.0 – 2024.2.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-05-08
Published