{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-11186", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "state": "PUBLISHED", "assignerShortName": "Arista", "dateReserved": "2024-11-13T17:09:34.018Z", "datePublished": "2025-05-08T18:47:52.859Z", "dateUpdated": "2025-05-08T19:01:23.429Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "CloudVision Portal", "vendor": "Arista Networks", "versions": [{"status": "affected", "version": "2024.3.0"}, {"lessThanOrEqual": "2024.2.1", "status": "affected", "version": "2024.2.0", "versionType": "custom"}, {"lessThanOrEqual": "2024.1.2", "status": "affected", "version": "2024.1.0", "versionType": "custom"}, {"status": "affected", "version": "2023.3"}, {"status": "affected", "version": "2023.2"}, {"status": "affected", "version": "2023.1"}, {"status": "affected", "version": "2022.3"}, {"status": "affected", "version": "2022.2"}, {"status": "affected", "version": "2022.1"}, {"status": "affected", "version": "2021.3"}, {"status": "affected", "version": "2021.2"}, {"status": "affected", "version": "2021.1"}, {"status": "affected", "version": "2020.3"}, {"status": "affected", "version": "2020.2"}, {"status": "affected", "version": "2020.1"}, {"status": "affected", "version": "2019.1"}, {"status": "affected", "version": "2018.2"}, {"status": "affected", "version": "2018.1"}, {"status": "affected", "version": "2017.2"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>In order to be vulnerable to CVE-2024-11186, the following condition must be met:</div><ul><li>A user must be able to authenticate with CloudVision</li></ul><br>"}], "value": "In order to be vulnerable to CVE-2024-11186, the following condition must be met:\n\n * A user must be able to authenticate with CloudVision"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.</span><br>"}], "value": "On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service."}], "impacts": [{"capecId": "CAPEC-180", "descriptions": [{"lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 10, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "description": "CWE-287 Improper Authentication", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-05-08T18:47:52.859Z"}, "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ==\">CloudVision Users Guide</a>.</p><div> </div><div>CVE-2024-11186 has been fixed in the following releases:</div><ul><li>2025.1.0 and later releases in the 2025.1.x train</li><li>2024.3.1 and later releases in the 2024.3.x train</li><li>2024.2.2 and later releases in the 2024.2.x train</li><li>2024.1.3 and later releases in the 2024.1.x train</li></ul><br>"}], "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see CloudVision Users Guide https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ== .\n\n\u00a0\n\nCVE-2024-11186 has been fixed in the following releases:\n\n * 2025.1.0 and later releases in the 2025.1.x train\n * 2024.3.1 and later releases in the 2024.3.x train\n * 2024.2.2 and later releases in the 2024.2.x train\n * 2024.1.3 and later releases in the 2024.1.x train"}], "source": {"advisory": "114", "defect": ["BUG 1029707"], "discovery": "INTERNAL"}, "title": "On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes:</p><pre>location ^~ /cvpservice/di/ {\n return 404;\n}\n</pre><div> </div><p>Then restart nginx by running the following command on any node:</p><pre>nginx-app.sh reload</pre><br>"}], "value": "The workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes:\n\nlocation ^~ /cvpservice/di/ {\n return 404;\n}\n\n\n\u00a0\n\nThen restart nginx by running the following command on any node:\n\nnginx-app.sh reload"}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-08T19:00:51.701556Z", "id": "CVE-2024-11186", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-08T19:01:23.429Z"}}]}}