Arista

Ng Firewall

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.15%
  • Veröffentlicht 05.06.2026 19:34:37
  • Zuletzt bearbeitet 08.06.2026 19:08:16

An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrat...

  • EPSS 5.95%
  • Veröffentlicht 05.06.2026 19:31:49
  • Zuletzt bearbeitet 08.06.2026 19:10:25

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators can leverage this exposure to obtain underlying term...

  • EPSS 9.88%
  • Veröffentlicht 05.06.2026 19:29:57
  • Zuletzt bearbeitet 08.06.2026 19:10:56

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logged into the user interface can exploit this input h...

  • EPSS 0.22%
  • Veröffentlicht 05.06.2026 19:28:13
  • Zuletzt bearbeitet 08.06.2026 19:13:54

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not expose...

  • EPSS 9.88%
  • Veröffentlicht 05.06.2026 19:26:36
  • Zuletzt bearbeitet 08.06.2026 19:15:23

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases ...

  • EPSS 0.5%
  • Veröffentlicht 23.04.2025 16:51:13
  • Zuletzt bearbeitet 14.08.2025 14:40:30

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to expl...

  • EPSS 0.47%
  • Veröffentlicht 10.01.2025 22:15:27
  • Zuletzt bearbeitet 29.09.2025 12:16:29

Specially constructed queries cause cross platform scripting leaking administrator tokens

Exploit
  • EPSS 0.6%
  • Veröffentlicht 10.01.2025 22:15:27
  • Zuletzt bearbeitet 18.12.2025 15:05:22

Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privil...

  • EPSS 0.66%
  • Veröffentlicht 10.01.2025 22:15:26
  • Zuletzt bearbeitet 29.09.2025 12:34:31

The administrator is able to configure an insecure captive portal script

  • EPSS 0.16%
  • Veröffentlicht 10.01.2025 22:15:26
  • Zuletzt bearbeitet 29.09.2025 12:35:15

A user with administrator privileges is able to retrieve authentication tokens