CVE-2023-24547

medium

Description

On affected platforms running Arista MOS, the configuration of a BGP password will cause the password to be logged in clear text that can be revealed in local logs or remote logging servers by authenticated users, as well as appear in clear text in the device’s running config.

References

https://www.arista.com/en/support/advisories-notices/security-advisory/18644-security-advisory-0090

Details

Source: Mitre, NVD

Published: 2023-12-06

Updated: 2023-12-11

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N