CVE-2024-11186 (GCVE-0-2024-11186)
Vulnerability from cvelistv5
Published: 2025-05-08 18:47
Modified: 2025-05-08 19:01
CWE
- CWE-287 - Improper Authentication
Summary
On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.
References
- https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114 (Arista Security Advisory 0114)
Impacted products
Vendor | Product | Affected versions
---|---|---
Arista Networks | CloudVision Portal | 2024.3.0; 2024.2.0 through 2024.2.1; 2024.1.0 through 2024.1.2; 2023.3; 2023.2; 2023.1; 2022.3; 2022.2; 2022.1; 2021.3; 2021.2; 2021.1; 2020.3; 2020.2; 2020.1; 2019.1; 2018.2; 2018.1; 2017.2
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-11186", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-08T19:00:51.701556Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-08T19:01:23.429Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "CloudVision Portal", "vendor": "Arista Networks", "versions": [ { "status": "affected", "version": "2024.3.0" }, { "lessThanOrEqual": "2024.2.1", "status": "affected", "version": "2024.2.0", "versionType": "custom" }, { "lessThanOrEqual": "2024.1.2", "status": "affected", "version": "2024.1.0", "versionType": "custom" }, { "status": "affected", "version": "2023.3" }, { "status": "affected", "version": "2023.2" }, { "status": "affected", "version": "2023.1" }, { "status": "affected", "version": "2022.3" }, { "status": "affected", "version": "2022.2" }, { "status": "affected", "version": "2022.1" }, { "status": "affected", "version": "2021.3" }, { "status": "affected", "version": "2021.2" }, { "status": "affected", "version": "2021.1" }, { "status": "affected", "version": "2020.3" }, { "status": "affected", "version": "2020.2" }, { "status": "affected", "version": "2020.1" }, { "status": "affected", "version": "2019.1" }, { "status": "affected", "version": "2018.2" }, { "status": "affected", "version": "2018.1" }, { "status": "affected", "version": "2017.2" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eIn order to be vulnerable to CVE-2024-11186, the following condition must be met:\u003c/div\u003e\u003cul\u003e\u003cli\u003eA user must be able to authenticate with CloudVision\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e" } ], "value": 
"In order to be vulnerable to CVE-2024-11186, the following condition must be met:\n\n * A user must be able to authenticate with CloudVision" } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eOn affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.\u003c/span\u003e\u003cbr\u003e" } ], "value": "On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service." } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-08T18:47:52.859Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": 
"https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ==\"\u003eCloudVision Users Guide\u003c/a\u003e.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eCVE-2024-11186 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e2025.1.0 and later releases in the 2025.1.x train\u003c/li\u003e\u003cli\u003e2024.3.1 and later releases in the 2024.3.x train\u003c/li\u003e\u003cli\u003e2024.2.2 and later releases in the 2024.2.x train\u003c/li\u003e\u003cli\u003e2024.1.3 and later releases in the 2024.1.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e" } ], "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. 
For more information about upgrading see CloudVision Users Guide https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ== .\n\n\u00a0\n\nCVE-2024-11186 has been fixed in the following releases:\n\n * 2025.1.0 and later releases in the 2025.1.x train\n * 2024.3.1 and later releases in the 2024.3.x train\n * 2024.2.2 and later releases in the 2024.2.x train\n * 2024.1.3 and later releases in the 2024.1.x train" } ], "source": { "advisory": "114", "defect": [ "BUG 1029707" ], "discovery": "INTERNAL" }, "title": "On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eThe workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes:\u003c/p\u003e\u003cpre\u003elocation ^~ /cvpservice/di/ {\n return 404;\n}\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eThen restart nginx by running the following command on any node:\u003c/p\u003e\u003cpre\u003enginx-app.sh reload\u003c/pre\u003e\u003cbr\u003e" } ], "value": "The workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes:\n\nlocation ^~ /cvpservice/di/ {\n return 404;\n}\n\n\n\u00a0\n\nThen restart nginx by running the following command on any node:\n\nnginx-app.sh reload" } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-11186", "datePublished": "2025-05-08T18:47:52.859Z", "dateReserved": "2024-11-13T17:09:34.018Z", "dateUpdated": "2025-05-08T19:01:23.429Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": 
{ "nvd": "{\"cve\":{\"id\":\"CVE-2024-11186\",\"sourceIdentifier\":\"psirt@arista.com\",\"published\":\"2025-05-08T19:15:57.100\",\"lastModified\":\"2025-05-12T17:32:52.810\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.\"},{\"lang\":\"es\",\"value\":\"En las versiones afectadas de CloudVision Portal, los controles de acceso inadecuados podr\u00edan permitir que un usuario autenticado malintencionado realice acciones m\u00e1s amplias de lo previsto en dispositivos EOS administrados. Este aviso afecta a los productos de Arista CloudVision Portal cuando se ejecutan localmente. No afecta a CloudVision como servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@arista.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"psirt@arista.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"references\":[{\"url\":\"https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114\",\"source\":\"psirt@arista.com\"}]}}", "vulnrichment": { "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-11186\", \"role\": \"CISA 
Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-08T19:00:51.701556Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-08T19:01:14.387Z\"}}], \"cna\": {\"title\": \"On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem\", \"source\": {\"defect\": [\"BUG 1029707\"], \"advisory\": \"114\", \"discovery\": \"INTERNAL\"}, \"impacts\": [{\"capecId\": \"CAPEC-180\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Arista Networks\", \"product\": \"CloudVision Portal\", \"versions\": [{\"status\": \"affected\", \"version\": \"2024.3.0\"}, {\"status\": \"affected\", \"version\": \"2024.2.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2024.2.1\"}, {\"status\": \"affected\", \"version\": \"2024.1.0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"2024.1.2\"}, {\"status\": \"affected\", \"version\": \"2023.3\"}, {\"status\": \"affected\", \"version\": \"2023.2\"}, {\"status\": \"affected\", \"version\": \"2023.1\"}, {\"status\": \"affected\", 
\"version\": \"2022.3\"}, {\"status\": \"affected\", \"version\": \"2022.2\"}, {\"status\": \"affected\", \"version\": \"2022.1\"}, {\"status\": \"affected\", \"version\": \"2021.3\"}, {\"status\": \"affected\", \"version\": \"2021.2\"}, {\"status\": \"affected\", \"version\": \"2021.1\"}, {\"status\": \"affected\", \"version\": \"2020.3\"}, {\"status\": \"affected\", \"version\": \"2020.2\"}, {\"status\": \"affected\", \"version\": \"2020.1\"}, {\"status\": \"affected\", \"version\": \"2019.1\"}, {\"status\": \"affected\", \"version\": \"2018.2\"}, {\"status\": \"affected\", \"version\": \"2018.1\"}, {\"status\": \"affected\", \"version\": \"2017.2\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see CloudVision Users Guide https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ== .\\n\\n\\u00a0\\n\\nCVE-2024-11186 has been fixed in the following releases:\\n\\n * 2025.1.0 and later releases in the 2025.1.x train\\n * 2024.3.1 and later releases in the 2024.3.x train\\n * 2024.2.2 and later releases in the 2024.2.x train\\n * 2024.1.3 and later releases in the 2024.1.x train\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. 
For more information about upgrading see \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ==\\\"\u003eCloudVision Users Guide\u003c/a\u003e.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eCVE-2024-11186 has been fixed in the following releases:\u003c/div\u003e\u003cul\u003e\u003cli\u003e2025.1.0 and later releases in the 2025.1.x train\u003c/li\u003e\u003cli\u003e2024.3.1 and later releases in the 2024.3.x train\u003c/li\u003e\u003cli\u003e2024.2.2 and later releases in the 2024.2.x train\u003c/li\u003e\u003cli\u003e2024.1.3 and later releases in the 2024.1.x train\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\", \"base64\": false}]}], \"references\": [{\"url\": \"https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114\"}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"The workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes:\\n\\nlocation ^~ /cvpservice/di/ {\\n return 404;\\n}\\n\\n\\n\\u00a0\\n\\nThen restart nginx by running the following command on any node:\\n\\nnginx-app.sh reload\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cp\u003eThe workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes:\u003c/p\u003e\u003cpre\u003elocation ^~ /cvpservice/di/ {\\n return 404;\\n}\\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eThen restart nginx by running the following command on any node:\u003c/p\u003e\u003cpre\u003enginx-app.sh reload\u003c/pre\u003e\u003cbr\u003e\", \"base64\": false}]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. 
This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eOn affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-287\", \"description\": \"CWE-287 Improper Authentication\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"In order to be vulnerable to CVE-2024-11186, the following condition must be met:\\n\\n * A user must be able to authenticate with CloudVision\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cdiv\u003eIn order to be vulnerable to CVE-2024-11186, the following condition must be met:\u003c/div\u003e\u003cul\u003e\u003cli\u003eA user must be able to authenticate with CloudVision\u003c/li\u003e\u003c/ul\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"shortName\": \"Arista\", \"dateUpdated\": \"2025-05-08T18:47:52.859Z\"}}}", "cveMetadata": "{\"cveId\": \"CVE-2024-11186\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-08T19:01:23.429Z\", \"dateReserved\": \"2024-11-13T17:09:34.018Z\", \"assignerOrgId\": \"c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7\", \"datePublished\": \"2025-05-08T18:47:52.859Z\", \"assignerShortName\": \"Arista\"}", "dataType": "CVE_RECORD", "dataVersion": "5.1" } } }
Sightings
Author | Source | Type | Date
---|---|---|---
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.