Platform
other
Component
cloudvision-portal
Fixed in
2024.3.1
2024.2.2
2024.1.3
2023.3.1
2023.2.1
2023.1.1
2022.3.1
2022.2.1
2022.1.1
2021.3.1
2021.2.1
2021.1.1
2020.3.1
2020.2.1
2020.1.1
2019.1.1
2018.2.1
2018.1.1
2017.2.1
CVE-2024-11186 describes an improper access control vulnerability in Arista CloudVision Portal. This flaw allows authenticated malicious users to exceed their intended permissions and perform broader actions on managed EOS devices. The vulnerability affects on-premise deployments of CloudVision Portal running versions 2021.3 through 2024.3.0. A fix is available in version 2024.3.1.
The impact of CVE-2024-11186 is significant due to the potential for privilege escalation and unauthorized device management. An attacker who has successfully authenticated to the CloudVision Portal could leverage this vulnerability to modify configurations, disable security features, or even take control of managed EOS devices. This could lead to widespread network disruption, data breaches, and compromise of sensitive information. The scope of the impact depends on the criticality of the EOS devices managed by the CloudVision Portal and the sensitivity of the data they handle. This vulnerability highlights the importance of robust access controls and the principle of least privilege within network management systems.
CVE-2024-11186 was publicly disclosed on 2025-05-08. Its CRITICAL severity suggests a high likelihood of exploitation if left unpatched. As of this writing, there are no publicly available proof-of-concept exploits. It is not currently listed on the CISA KEV catalog. Organizations should prioritize patching to prevent potential compromise.
Exploit Status
EPSS
0.35% (57% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2024-11186 is to upgrade Arista CloudVision Portal to version 2024.3.1 or later. If an immediate upgrade is not feasible, consider implementing stricter access controls within the CloudVision Portal to limit the actions that authenticated users can perform. Review user permissions and ensure they adhere to the principle of least privilege. Additionally, monitor CloudVision Portal logs for any suspicious activity, particularly attempts to access or modify EOS device configurations by unauthorized users. After upgrading, verify the fix by attempting to perform actions outside of a user's assigned role and confirming that access is denied.
Update CloudVision Portal to an unaffected version. Refer to the Arista advisory for more details and specific upgrade instructions. Apply appropriate access control measures as recommended by the vendor.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-11186 is a CRITICAL vulnerability affecting Arista CloudVision Portal versions 2021.3–2024.3.0, allowing authenticated users to perform unauthorized actions on managed EOS devices.
If you are running Arista CloudVision Portal on-premise in versions 2021.3 through 2024.3.0, you are potentially affected by this vulnerability.
Upgrade Arista CloudVision Portal to version 2024.3.1 or later to remediate the vulnerability. Implement stricter access controls as an interim measure.
As of now, there are no publicly known active exploitation campaigns, but the CRITICAL severity warrants immediate patching.
Refer to the official Arista CloudVision Portal security advisory for detailed information and guidance: [https://www.arista.com/en/support/security/advisories/cloudvision-portal-security-advisory-cve-2024-11186]
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.