CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29071

This advisory documents an internally found vulnerability in the on premises deployment model of Arista CloudVision Portal (CVP) where under a certain set of conditions, user passwords can be leaked in the Audit and System logs. The impact of this vulnerability is that the CVP user login passwords might be leaked to other authenticated users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.9%

CVSS Severity

CVSS v3 Score 4.0

References

Products affected by CVE-2022-29071

Arista » Cloudvision Portal » Version: 2020.2.0

cpe:2.3:a:arista:cloudvision_portal:2020.2.0
Arista » Cloudvision Portal » Version: 2021.1

cpe:2.3:a:arista:cloudvision_portal:2021.1
Arista » Cloudvision Portal » Version: 2021.2

cpe:2.3:a:arista:cloudvision_portal:2021.2
Arista » Cloudvision Portal » Version: 2021.3

cpe:2.3:a:arista:cloudvision_portal:2021.3
Arista » Cloudvision Portal » Version: 2022.1.0

cpe:2.3:a:arista:cloudvision_portal:2022.1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29071

Products

Pricing

Contact Us