arista

Top products

The 15 most recently published vulnerabilities affecting arista.

• CVE-2026-25624Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting5.7Jun 5, 2026
• CVE-2026-25623Arista Edge Threat Management NGFW UI Arbitrary Command Execution6.0Jun 5, 2026
• CVE-2026-25622Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection6.0Jun 5, 2026
• CVE-2026-25621Arista Edge Threat Management NGFW Reports Application Insecure Input Validation6.0Jun 5, 2026
• CVE-2026-25620Arista Edge Threat Management NGFW Captive Portal Encrypted Password Command Injection6.0Jun 5, 2026
• CVE-2026-7473Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding BypassKEV5.8Jun 5, 2026
• CVE-2026-31431crypto: algif_aead - Revert to operating out-of-placeKEV7.8Apr 22, 2026
• CVE-2025-2767Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability9.6Apr 23, 2025
• CVE-2024-9188Specially constructed queries cause cross platform scripting leaking administrator tokens8.8Jan 10, 2025
• CVE-2024-47520A user with advanced report application access rights can perform actions for which they are not authorized7.6Jan 10, 2025
• CVE-2024-47519Backup uploads to ETM subject to man-in-the-middle interception8.3Jan 10, 2025
• CVE-2024-47518Specially constructed queries targeting ETM could discover active remote access sessions6.4Jan 10, 2025
• CVE-2024-47517Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access6.8Jan 10, 2025
• CVE-2024-9134Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.8.3Jan 10, 2025
• CVE-2024-9133A user with administrator privileges is able to retrieve authentication tokens6.6Jan 10, 2025