A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-09-22T14:50:02
Updated: 2024-08-04T15:12:09.020Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-24333
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-09-22T15:15:14.810
Modified: 2024-11-21T05:14:36.433
Link: CVE-2020-24333
Redhat
No data.