PT-2025-3691 · Arista · Arista Cloudvision Appliance

Published

2025-01-10

Updated

2025-01-11

CVE-2024-7142

CVSS v3.1

4.6

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Arista CloudVision Appliance (CVA) (affected versions not specified)

Description The issue affects Arista CloudVision Appliance (CVA) releases running on appliances that support hardware disk encryption, specifically the DCA-350E-CV model. The problem is that disk encryption might not be successfully performed, resulting in the disks remaining unsecured and data on them being unprotected.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-311

Related Identifiers

CVE-2024-7142

Affected Products

Arista Cloudvision Appliance

PT-2025-3691 · Arista · Arista Cloudvision Appliance

CVE-2024-7142

Weakness Enumeration

Related Identifiers

Affected Products

References · 5