Platform: other
Component: cloudvision-portal
Fixed in: 2024.3.1, 2024.2.1, 2023.3.2, 2023.2.1, 2022.0.1, 2021.0.1, 2020.0.1, 2019.0.1, 2018.0.1
CVE-2024-8100 is a critical vulnerability affecting Arista CloudVision Portal (CVP on-prem) versions between 2018 and 2024.3.0. This flaw allows an attacker to escalate privileges to administrator level by exploiting a time-bound device onboarding token. The vulnerability was published on 2025-05-08 and a fix is available in version 2024.3.1.
The core of this vulnerability lies in the mishandling of device onboarding tokens within the CloudVision Portal. Attackers can exploit this by intercepting or manipulating these tokens, which are typically used for temporary access during device configuration. Successful exploitation grants the attacker full administrative control over the affected CloudVision Portal instance. This includes the ability to modify network configurations, access sensitive data, and potentially compromise connected devices. The blast radius extends to any devices managed by the CloudVision Portal, making this a high-impact security concern.
CVE-2024-8100 is not currently listed on the CISA KEV catalog. The EPSS score is pending evaluation. Public proof-of-concept exploits are not currently known, but the vulnerability's nature suggests a high likelihood of exploitation once a PoC becomes available. The vulnerability was publicly disclosed on 2025-05-08.
Organizations heavily reliant on Arista CloudVision Portal for network management and automation are at significant risk. This includes large enterprises, data centers, and service providers. Specifically, deployments using older versions of CVP (2018–2024.3.0) and those with less stringent access controls around device onboarding are particularly vulnerable.
EPSS: 0.22% (45th percentile)
The primary mitigation for CVE-2024-8100 is to immediately upgrade Arista CloudVision Portal to version 2024.3.1 or later. Before upgrading, it's crucial to review Arista's official upgrade documentation and perform a backup of the existing configuration. If an immediate upgrade is not feasible, consider temporarily restricting access to the device onboarding functionality within the CloudVision Portal to limit the attack surface. Monitor CloudVision Portal logs for any suspicious activity related to device onboarding tokens.
Upgrade Arista CloudVision Portal to an unaffected version. Consult the Arista advisory for more details on the fixed versions and the specific upgrade instructions.
CVE-2024-8100 is a HIGH severity vulnerability affecting Arista CloudVision Portal versions 2018–2024.3.0, allowing attackers to gain admin privileges via device onboarding tokens.
If you are running Arista CloudVision Portal versions 2018–2024.3.0, you are potentially affected by this vulnerability. Check your version and upgrade immediately.
Upgrade Arista CloudVision Portal to version 2024.3.1 or later. Back up your configuration before upgrading and review Arista's official upgrade documentation.
While no active exploitation has been publicly confirmed, the vulnerability's nature suggests a high likelihood of exploitation once a proof-of-concept becomes available.
Refer to the official Arista CloudVision Portal security advisories on the Arista support website for detailed information and updates.