Description
On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
Affected products
- Arista Networks / DANZ Monitoring Fabric0 – 0
- Arista Networks / DANZ Monitoring Fabric0 – DMF 8.6.1
- Arista Networks / DANZ Monitoring Fabric0 – DMF 8.5.2
- Arista Networks / DANZ Monitoring Fabric0 – CCF 6.2.4
- Arista Networks / DANZ Monitoring Fabric0 – CVA 7.0
- Arista Networks / DANZ Monitoring Fabric0 – MCD 2.4.0