Aggregates CVE and security vulnerability intelligence across all Arista Networks-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues involve various input-handling and memory-safety problems that may affect software stability and security.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-25624 | An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processing behavior controls. | [email protected] | 5.8 | 0.04% | 2026-06-05 | 2026-06-08 |
| CVE-2026-25623 | An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions. | [email protected] | 7.0 | 0.07% | 2026-06-05 | 2026-06-08 |
| CVE-2026-25622 | A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform shell commands. | [email protected] | 7.0 | 0.20% | 2026-06-05 | 2026-06-08 |
| CVE-2026-25621 | A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed. | [email protected] | 7.0 | 0.06% | 2026-06-05 | 2026-06-08 |
| CVE-2026-25620 | An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases are not exposed. | [email protected] | 7.0 | 0.22% | 2026-06-05 | 2026-06-08 |
| CVE-2026-7473 KEV | On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a destination IP matching its configured decapsulation IP. This occurs because the switch does not verify the tunnel protocol type, potentially leading to the unexpected processing of non-configured tun | [email protected] | 6.9 | 27.22% | 2026-06-05 | 2026-06-09 |
| CVE-2026-31431 KEV | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. | 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | 7.8 | 2.58% | 2026-04-22 | 2026-05-21 |
| CVE-2025-2767 | Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability. The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can | [email protected] | 9.6 | 0.62% | 2025-04-23 | 2025-08-14 |
| CVE-2024-9188 | Specially constructed queries cause cross platform scripting leaking administrator tokens | [email protected] | 8.8 | 0.76% | 2025-01-10 | 2025-09-29 |
| CVE-2024-9134 | Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. | [email protected] | 8.3 | 0.24% | 2025-01-10 | 2025-12-18 |
| CVE-2024-9133 | A user with administrator privileges is able to retrieve authentication tokens | [email protected] | 6.6 | 0.04% | 2025-01-10 | 2025-09-29 |
| CVE-2024-9132 | The administrator is able to configure an insecure captive portal script | [email protected] | 8.1 | 0.81% | 2025-01-10 | 2025-09-29 |
| CVE-2024-9131 | A user with administrator privileges can perform command injection | [email protected] | 7.2 | 0.39% | 2025-01-10 | 2025-09-29 |
| CVE-2024-47520 | A user with advanced report application access rights can perform actions for which they are not authorized | [email protected] | 7.6 | 0.17% | 2025-01-10 | 2025-09-29 |
| CVE-2024-47519 | Backup uploads to ETM subject to man-in-the-middle interception | [email protected] | 8.3 | 0.12% | 2025-01-10 | 2025-09-29 |
| CVE-2024-47518 | Specially constructed queries targeting ETM could discover active remote access sessions | [email protected] | 6.4 | 0.14% | 2025-01-10 | 2025-09-29 |
| CVE-2024-47517 | Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access | [email protected] | 6.8 | 0.09% | 2025-01-10 | 2025-09-29 |
| CVE-2024-12832 | Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This vulnerability allows remote attackers to create arbitrary files and disclose sensitive information on affected installations of Arista NG Firewall. Authentication is required to exploit this vulnerability. The specific flaw exists within the ReportEntry class. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can levera | [email protected] | 6.3 | 3.16% | 2024-12-20 | 2025-01-03 |
| CVE-2024-12831 | Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Arista NG Firewall. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the uvm_login module. The issue results from incorrect authorization. An attacker can leverage this to escalate privileges to reso | [email protected] | 7.8 | 0.06% | 2024-12-20 | 2025-01-03 |
| CVE-2024-12830 | Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the custom_handler method. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vu | [email protected] | 7.3 | 4.16% | 2024-12-20 | 2025-01-03 |