Ng Firewall
Monthly
Cross-site scripting in the Arista Edge Threat Management Next Generation Firewall web UI dashboard allows a high-privileged attacker to inject unvalidated input that is reflected back into administrative profiles, enabling script execution in the context of other administrative sessions. The vulnerability carries a CVSS 4.0 score of 5.8 (Medium), with confidentiality impact rated High on the vulnerable system - consistent with session token or credential harvesting from targeted admin accounts. No public exploit code exists and this CVE is not listed in the CISA KEV catalog at time of analysis.
Authenticated command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) allows administrators with existing access to the browser management pipeline to break out and execute arbitrary terminal/shell script code on the underlying appliance OS. The flaw stems from insufficient input validation (CWE-78) within management-plane functionality and carries a CVSS 4.0 score of 7.0 with no public exploit identified at time of analysis. Because exploitation requires high-privileged authentication, the issue is a privilege-boundary breach rather than an unauthenticated remote takeover.
Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) Captive Portal Custom Handler allows administrators authenticated to the management UI to execute arbitrary shell commands on the underlying platform. The CVSS 4.0 score of 7.0 reflects high privilege requirements (PR:H) offset by network reach and high confidentiality impact, with no public exploit identified at time of analysis.
Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) version 17.4.0 allows high-privileged authenticated attackers to abuse insecure input validation in the Reports application to execute OS commands on the appliance. The flaw uniquely affects 17.4.0, with earlier releases unaffected, and no public exploit identified at time of analysis. CVSS 4.0 base score is 7.0 with confidentiality high and integrity/availability low, reflecting a scope-changing impact constrained by the high privileges required.
Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) version 17.4.0 allows authenticated high-privileged remote attackers to inject OS commands through the Captive Portal application framework via encrypted password handling. The flaw is unique to release 17.4.0 with earlier versions unaffected, and no public exploit identified at time of analysis. CVSS 4.0 base score of 7.0 reflects high attacker privilege requirement balanced against high confidentiality impact on the firewall appliance.
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Specially constructed queries cause cross platform scripting leaking administrator tokens. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Multiple SQL Injection vulnerabilities exist in the reporting application. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A user with administrator privileges is able to retrieve authentication tokens. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.
The administrator is able to configure an insecure captive portal script. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A user with administrator privileges can perform command injection. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A user with advanced report application access rights can perform actions for which they are not authorized. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Backup uploads to ETM subject to man-in-the-middle interception. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Specially constructed queries targeting ETM could discover active remote access sessions. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Cross-site scripting in the Arista Edge Threat Management Next Generation Firewall web UI dashboard allows a high-privileged attacker to inject unvalidated input that is reflected back into administrative profiles, enabling script execution in the context of other administrative sessions. The vulnerability carries a CVSS 4.0 score of 5.8 (Medium), with confidentiality impact rated High on the vulnerable system - consistent with session token or credential harvesting from targeted admin accounts. No public exploit code exists and this CVE is not listed in the CISA KEV catalog at time of analysis.
Authenticated command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) allows administrators with existing access to the browser management pipeline to break out and execute arbitrary terminal/shell script code on the underlying appliance OS. The flaw stems from insufficient input validation (CWE-78) within management-plane functionality and carries a CVSS 4.0 score of 7.0 with no public exploit identified at time of analysis. Because exploitation requires high-privileged authentication, the issue is a privilege-boundary breach rather than an unauthenticated remote takeover.
Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) Captive Portal Custom Handler allows administrators authenticated to the management UI to execute arbitrary shell commands on the underlying platform. The CVSS 4.0 score of 7.0 reflects high privilege requirements (PR:H) offset by network reach and high confidentiality impact, with no public exploit identified at time of analysis.
Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) version 17.4.0 allows high-privileged authenticated attackers to abuse insecure input validation in the Reports application to execute OS commands on the appliance. The flaw uniquely affects 17.4.0, with earlier releases unaffected, and no public exploit identified at time of analysis. CVSS 4.0 base score is 7.0 with confidentiality high and integrity/availability low, reflecting a scope-changing impact constrained by the high privileges required.
Command injection in Arista Edge Threat Management Next Generation Firewall (NGFW) version 17.4.0 allows authenticated high-privileged remote attackers to inject OS commands through the Captive Portal application framework via encrypted password handling. The flaw is unique to release 17.4.0 with earlier versions unaffected, and no public exploit identified at time of analysis. CVSS 4.0 base score of 7.0 reflects high attacker privilege requirement balanced against high confidentiality impact on the firewall appliance.
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. Rated critical severity (CVSS 9.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Specially constructed queries cause cross platform scripting leaking administrator tokens. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Multiple SQL Injection vulnerabilities exist in the reporting application. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A user with administrator privileges is able to retrieve authentication tokens. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.
The administrator is able to configure an insecure captive portal script. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A user with administrator privileges can perform command injection. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A user with advanced report application access rights can perform actions for which they are not authorized. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Backup uploads to ETM subject to man-in-the-middle interception. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Specially constructed queries targeting ETM could discover active remote access sessions. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.