arista networks
Latest CVEs
The 15 most recently published vulnerabilities affecting arista networks.
- CVE-2026-25624Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting5.7
- CVE-2026-25623Arista Edge Threat Management NGFW UI Arbitrary Command Execution6.0
- CVE-2026-25622Arista Edge Threat Management NGFW Captive Portal Custom Handler Command Injection6.0
- CVE-2026-25621Arista Edge Threat Management NGFW Reports Application Insecure Input Validation6.0
- CVE-2026-25620Arista Edge Threat Management NGFW Captive Portal Encrypted Password Command Injection6.0
- CVE-2026-2379Arista EOS IPsec Tunnel Sequence Number Mismatch via Interface Flaps when Anti-Replay is Disabled5.9
- CVE-2026-7473Arista EOS Unexpected Tunnel Protocol Decapsulation and Forwarding BypassKEV5.8
- CVE-2025-5088Arista CloudVision Exchange (CVX) Cluster Privilege Escalation via MCS Redis Session8.3
- CVE-2025-5090Arista CloudVision Exchange Cluster Instability via Unexpected Switch Messages6.5
- CVE-2025-5089Arista EOS SysDB Agent Denial of Service via Malformed CVX Client/Server Messages6.5
- CVE-2025-8873Arista EOS Dataplane Denial of Service via Malformed IPsec Packet7.5
- CVE-2023-5502On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.5.9
- CVE-2024-27892On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).9.6
- CVE-2024-27890On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).9.6
- CVE-2024-27891On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.5.3