Platform: other
Component: cloudvision-portal
Fixed in: 2024.3.1, 2024.2.1, 2023.3.2, 2023.2.1, 2022.0.1, 2021.0.1, 2020.0.1, 2019.0.1, 2018.0.1
CVE-2024-8100 is a critical vulnerability affecting Arista CloudVision Portal (CVP on-prem) versions between 2018 and 2024.3.0. This flaw allows an attacker to escalate privileges to administrator level by exploiting a time-bound device onboarding token. The vulnerability was published on 2025-05-08 and a fix is available in version 2024.3.1.
The core of this vulnerability lies in the mishandling of device onboarding tokens within the CloudVision Portal. Attackers can exploit this by intercepting or manipulating these tokens, which are typically used for temporary access during device configuration. Successful exploitation grants the attacker full administrative control over the affected CloudVision Portal instance. This includes the ability to modify network configurations, access sensitive data, and potentially compromise connected devices. The blast radius extends to any devices managed by the CloudVision Portal, making this a high-impact security concern.
CVE-2024-8100 is not currently listed on the CISA KEV catalog. The EPSS score is pending evaluation. Public proof-of-concept exploits are not currently known, but the vulnerability's nature suggests a high likelihood of exploitation once a PoC becomes available. The vulnerability was publicly disclosed on 2025-05-08.
EPSS: 0.22% (45th percentile)
The primary mitigation for CVE-2024-8100 is to immediately upgrade Arista CloudVision Portal to version 2024.3.1 or later. Before upgrading, it's crucial to review Arista's official upgrade documentation and perform a backup of the existing configuration. If an immediate upgrade is not feasible, consider temporarily restricting access to the device onboarding functionality within the CloudVision Portal to limit the attack surface. Monitor CloudVision Portal logs for any suspicious activity related to device onboarding tokens.
Update Arista CloudVision Portal to an unaffected version. See the Arista advisory for details on fixed versions and specific upgrade instructions.
CVE-2024-8100 is a HIGH severity vulnerability affecting Arista CloudVision Portal versions 2018–2024.3.0, allowing attackers to gain admin privileges via device onboarding tokens.
If you are running Arista CloudVision Portal versions 2018–2024.3.0, you are potentially affected by this vulnerability. Check your version and upgrade immediately.
Upgrade Arista CloudVision Portal to version 2024.3.1 or later. Back up your configuration before upgrading and review Arista's official upgrade documentation.
While no active exploitation has been publicly confirmed, the vulnerability's nature suggests a high likelihood of exploitation once a proof-of-concept becomes available.
Refer to the official Arista CloudVision Portal security advisories on the Arista support website for detailed information and updates.