Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only access to take actions that are otherwise restricted in the GUI.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Arista Networks CloudVision Portal 安全漏洞
Vulnerability Description
Arista Networks CloudVision Portal是美国Arista Networks公司的一套用于CloudVision平台的、基于Web的用户管理门户。该产品包括网络设备配置、合规性管理、变更管理和网络监控管理等功能。 Arista Networks CloudVision Portal(2018年1月和2月份发布的版本)中存在提权漏洞。攻击者可利用该漏洞绕过被限制功能的权限要求,执行被限制的操作。
CVSS Information
N/A
Vulnerability Type
N/A