An issue has recently been discovered in Arista EOS where the incorrect use of EOSs AAA API’s by the OpenConfig and TerminAttr agents could result in unrestricted access to the device for local users with nopassword configuration.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Eos | Arista | * | 4.20 (excluding) |
Eos | Arista | 4.21.0 (including) | 4.21.14m (including) |
Eos | Arista | 4.22.0 (including) | 4.22.11m (including) |
Eos | Arista | 4.23.0 (including) | 4.23.8m (including) |
Eos | Arista | 4.24.6.0 (including) | 4.24.6m (including) |
Eos | Arista | 4.25.0 (including) | 4.25.4m (including) |
Eos | Arista | 4.26.0 (including) | 4.26.1f (including) |