CVE-2023-24547
5.9
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:H
Summary
On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Arista Networks | MOS | 0.13.0 <= 0.39.4 | affected |
Weaknesses
- cwe-212
Workarounds
No mitigation exists.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.