HIGH
Arista
CVE published 2017-01-23
CVE-2016-9012
CVE-2016-9012 describes a high-severity authorization flaw in Arista CloudVision Portal (CVP). An authenticated remote user could reach internal configuration mechanisms through the management plane by making a request associated with /web/system/console/bundle. The vulnerability applies to CVP versions before 2016.1.2.1, with NVD listing affected CPE versions through 2016.1.2.0.