CVE-2024-4578
8.4
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Summary
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the ability to authenticate via SSH to an affected AP as the “config” user is able to cause a privilege escalation via spawning a bash shell. The SSH CLI session does not require high permissions to exploit this vulnerability, but the config password is required to establish the session. The spawned shell is able to obtain root privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Arista Networks | Arista Wireless Access Points | 13.0.2.x <= 13.0.2-28-vv1002 | affected |
| Arista Networks | Arista Wireless Access Points | 15.x | affected |
| Arista Networks | Arista Wireless Access Points | 16.x <= 16.1.051-vv6 | affected |
Weaknesses
- CWE-77: CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
Workarounds
To mitigate the attack, configure a strong config shell password and share the password only with admin and/or trusted parties.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.