CVE-2024-11186

On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-prem

Description

On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service.

Remediation

Solution:

  • The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see CloudVision Users Guide https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ== .   CVE-2024-11186 has been fixed in the following releases: * 2025.1.0 and later releases in the 2025.1.x train * 2024.3.1 and later releases in the 2024.3.x train * 2024.2.2 and later releases in the 2024.2.x train * 2024.1.3 and later releases in the 2024.1.x train

Workaround:

  • The workaround is to append the following to /etc/nginx/conf.d/locations/cvp.https.conf on all CVP nodes: location ^~ /cvpservice/di/ { return 404; }   Then restart nginx by running the following command on any node: nginx-app.sh reload

Category

10.0
CVSS
Severity: Critical
CVSS 3.1 •
EPSS 0.05%
Affected: Arista Networks CloudVision Portal
Published at:
Updated at:

References

Link Tags
https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114

Frequently Asked Questions

What is the severity of CVE-2024-11186?
CVE-2024-11186 has been scored as a critical severity vulnerability.
How to fix CVE-2024-11186?
To fix CVE-2024-11186: The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. For more information about upgrading see CloudVision Users Guide https://www.arista.io/help/2024.3/articles/dXBncmFkZS5BbGwudXBncmFkZQ== .   CVE-2024-11186 has been fixed in the following releases: * 2025.1.0 and later releases in the 2025.1.x train * 2024.3.1 and later releases in the 2024.3.x train * 2024.2.2 and later releases in the 2024.2.x train * 2024.1.3 and later releases in the 2024.1.x train
Is CVE-2024-11186 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2024-11186 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2024-11186?
CVE-2024-11186 affects Arista Networks CloudVision Portal.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.