{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T17:18:59.135","vulnerabilities":[{"cve":{"id":"CVE-2024-11186","sourceIdentifier":"psirt@arista.com","published":"2025-05-08T19:15:57.100","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"On affected versions of the CloudVision Portal, improper access controls could enable a malicious authenticated user to take broader actions on managed EOS devices than intended. This advisory impacts the Arista CloudVision Portal products when run on-premise. It does not impact CloudVision as-a-Service."},{"lang":"es","value":"En las versiones afectadas de CloudVision Portal, los controles de acceso inadecuados podrían permitir que un usuario autenticado malintencionado realice acciones más amplias de lo previsto en dispositivos EOS administrados. Este aviso afecta a los productos de Arista CloudVision Portal cuando se ejecutan localmente. No afecta a CloudVision como servicio."}],"metrics":{"cvssMetricV31":[{"source":"psirt@arista.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0}]},"weaknesses":[{"source":"psirt@arista.com","type":"Secondary","description":[{"lang":"en","value":"CWE-287"}]}],"references":[{"url":"https://www.arista.com/en/support/advisories-notices/security-advisory/21314-security-advisory-0114","source":"psirt@arista.com"}]}}]}