Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-28499

Опубликовано: 09 сент. 2021
Источник: nvd
CVSS3: 6.3
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:arista:metamako_operating_system:*:*:*:*:*:*:*:*
Версия от 0.10.0 (включая) до 0.18.0 (включая)
cpe:2.3:o:arista:metamako_operating_system:*:*:*:*:*:*:*:*
Версия от 0.20.0 (включая) до 0.32.0 (исключая)
cpe:2.3:h:arista:7130:-:*:*:*:*:*:*:*

EPSS

Процентиль: 13%
0.00042
Низкий

6.3 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-255
CWE-522

Связанные уязвимости

github логотип

GHSA-cgq8-c9wh-mrw4

CVSS3: 5.5
github
больше 3 лет назад

In Arista's MOS (Metamako Operating System) software which is supported on the 7130 product line, user account passwords set in clear text could leak to users without any password. This issue affects: Arista Metamako Operating System MOS-0.18 and post releases in the MOS-0.1x train All releases in the MOS-0.2x train MOS-0.31.1 and prior releases in the MOS-0.3x train

EPSS

Процентиль: 13%
0.00042
Низкий

6.3 Medium

CVSS3

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-255
CWE-522