This advisory documents the impact of an internally found vulnerability in Arista EOS state streaming telemetry agent TerminAttr and OpenConfig transport protocols. The impact of this vulnerability is that, in certain conditions, TerminAttr might leak IPsec sensitive data in clear text in CVP to other authorized users, which could cause IPsec traffic to be decrypted or modified by other authorized users on the device.
More Stories
Panel.Amadey.d.c C2 / Cross Site Scripting (XSS)
Posted by malvuln on May 14 Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txt Contact:...
Re: RansomLord v3 / Anti-Ransomware Exploit Tool Released
Posted by malvuln on May 14 Updated, fixed typo SHA256 : 810229C7E62D5EDDD3DA9FFA19D04A31D71F9C36D05B6A614FEF496E88656FF5 Read More
RansomLord v3 / Anti-Ransomware Exploit Tool Released
Posted by malvuln on May 14 Proof-of-concept tool that automates the creation of PE files, used to exploit Ransomware pre-encryption....
APPLE-SA-05-13-2024-8 tvOS 17.5
Posted by Apple Product Security via Fulldisclosure on May 14 APPLE-SA-05-13-2024-8 tvOS 17.5 tvOS 17.5 addresses the following issues. Information...
APPLE-SA-05-13-2024-7 watchOS 10.5
Posted by Apple Product Security via Fulldisclosure on May 14 APPLE-SA-05-13-2024-7 watchOS 10.5 watchOS 10.5 addresses the following issues. Information...
Research about consistency of CVSSv4
Posted by Julia Wunder on May 14 Hello there, The University of Erlangen-Nuremberg (Germany) is conducting a research study to...