CVE-2023-24547

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:arista:mos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:arista:7130:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*

History

11 Dec 2023, 19:53

Type Values Removed Values Added
References () https://www.arista.com/en/support/advisories-notices/security-advisory/18644-security-advisory-0090 - () https://www.arista.com/en/support/advisories-notices/security-advisory/18644-security-advisory-0090 - Vendor Advisory
CWE CWE-319
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CPE cpe:2.3:h:arista:7130-96s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7130:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7130-16g3s:-:*:*:*:*:*:*:*
cpe:2.3:h:arista:7130-48g3s:-:*:*:*:*:*:*:*
cpe:2.3:o:arista:mos:*:*:*:*:*:*:*:*

06 Dec 2023, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-12-06 00:15

Updated : 2024-02-05 00:22


NVD link : CVE-2023-24547

Mitre link : CVE-2023-24547

CVE.ORG link : CVE-2023-24547


JSON object : View

Products Affected

arista

  • 7130-48g3s
  • mos
  • 7130-96s
  • 7130-16g3s
  • 7130
CWE
CWE-319

Cleartext Transmission of Sensitive Information