Search criteria
45 vulnerabilities found for ng_firewall by arista
FKIE_CVE-2025-2767
Vulnerability from fkie_nvd - Published: 2025-04-23 17:16 - Updated: 2025-08-14 14:40
Severity ?
Summary
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.
The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
References
| URL | Tags | ||
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-25-181/ | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | 17.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:17.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC15A9D-C423-4623-8940-9FE3744F4B4F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en el agente de usuario del firewall Arista NG Cross-Site Scripting. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas del firewall Arista NG. Se requiere una m\u00ednima interacci\u00f3n del usuario para explotarla. La falla espec\u00edfica se encuentra en el procesamiento del encabezado HTTP User-Agent. El problema se debe a la falta de una validaci\u00f3n adecuada de los datos proporcionados por el usuario, lo que puede provocar la inyecci\u00f3n de un script arbitrario. Un atacante puede aprovechar esta vulnerabilidad para ejecutar c\u00f3digo en el contexto de root. Era ZDI-CAN-24407."
}
],
"id": "CVE-2025-2767",
"lastModified": "2025-08-14T14:40:30.180",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-04-23T17:16:54.657",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-181/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-9188
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:16
Severity ?
Summary
Specially constructed queries cause cross platform scripting leaking administrator tokens
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48E6FC7-9C47-4334-96C7-D4418610C021",
"versionEndExcluding": "17.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Specially constructed queries cause cross platform scripting leaking administrator tokens"
},
{
"lang": "es",
"value": "Las consultas especialmente construidas provocan que los tokens de administrador se filtren en secuencias de comandos multiplataforma"
}
],
"id": "CVE-2024-9188",
"lastModified": "2025-09-29T12:16:29.287",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "psirt@arista.com",
"type": "Secondary"
}
]
},
"published": "2025-01-10T22:15:27.150",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-9134
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-12-18 15:05
Severity ?
Summary
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
References
| URL | Tags | ||
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105 | Exploit, Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E48E6FC7-9C47-4334-96C7-D4418610C021",
"versionEndExcluding": "17.2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges."
},
{
"lang": "es",
"value": "Existen m\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en la aplicaci\u00f3n de informes. Un usuario con derechos de acceso avanzados a la aplicaci\u00f3n de informes puede aprovechar la inyecci\u00f3n SQL, lo que le permitir\u00e1 ejecutar comandos en el sistema operativo subyacente con privilegios elevados."
}
],
"id": "CVE-2024-9134",
"lastModified": "2025-12-18T15:05:22.270",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "psirt@arista.com",
"type": "Secondary"
}
]
},
"published": "2025-01-10T22:15:27.033",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-9133
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:35
Severity ?
6.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
5.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
5.6 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L
Summary
A user with administrator privileges is able to retrieve authentication tokens
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user with administrator privileges is able to retrieve authentication tokens"
},
{
"lang": "es",
"value": "Un usuario con privilegios de administrador puede recuperar tokens de autenticaci\u00f3n"
}
],
"id": "CVE-2024-9133",
"lastModified": "2025-09-29T12:35:15.230",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 4.7,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-10T22:15:26.907",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-9131
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:33
Severity ?
Summary
A user with administrator privileges can perform command injection
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user with administrator privileges can perform command injection"
},
{
"lang": "es",
"value": "Un usuario con privilegios de administrador puede realizar la inyecci\u00f3n de comandos"
}
],
"id": "CVE-2024-9131",
"lastModified": "2025-09-29T12:33:48.777",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "psirt@arista.com",
"type": "Secondary"
}
]
},
"published": "2025-01-10T22:15:26.667",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-88"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-47518
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:30
Severity ?
6.4 (Medium) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Summary
Specially constructed queries targeting ETM could discover active remote access sessions
References
| URL | Tags | ||
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105 | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Specially constructed queries targeting ETM could discover active remote access sessions"
},
{
"lang": "es",
"value": "Las consultas especialmente construidas dirigidas a ETM podr\u00edan descubrir sesiones de acceso remoto activas"
}
],
"id": "CVE-2024-47518",
"lastModified": "2025-09-29T12:30:54.990",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 4.7,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-10T22:15:26.053",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-552"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-9132
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:34
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The administrator is able to configure an insecure captive portal script
References
| URL | Tags | ||
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The administrator is able to configure an insecure captive portal script"
},
{
"lang": "es",
"value": "El administrador puede configurar un script de portal cautivo inseguro"
}
],
"id": "CVE-2024-9132",
"lastModified": "2025-09-29T12:34:31.980",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-10T22:15:26.783",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-47519
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:31
Severity ?
8.3 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
7.1 (High) - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Summary
Backup uploads to ETM subject to man-in-the-middle interception
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Backup uploads to ETM subject to man-in-the-middle interception"
},
{
"lang": "es",
"value": "Las cargas de respaldo a ETM est\u00e1n sujetas a intercepci\u00f3n por intermediarios"
}
],
"id": "CVE-2024-47519",
"lastModified": "2025-09-29T12:31:59.163",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5,
"source": "psirt@arista.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-10T22:15:26.177",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-322"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-47520
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:32
Severity ?
Summary
A user with advanced report application access rights can perform actions for which they are not authorized
References
| URL | Tags | ||
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105 | Mitigation, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A user with advanced report application access rights can perform actions for which they are not authorized"
},
{
"lang": "es",
"value": "Un usuario con derechos de acceso a la aplicaci\u00f3n de informes avanzados puede realizar acciones para las que no est\u00e1 autorizado"
}
],
"id": "CVE-2024-47520",
"lastModified": "2025-09-29T12:32:54.070",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 5.5,
"source": "psirt@arista.com",
"type": "Secondary"
}
]
},
"published": "2025-01-10T22:15:26.290",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-653"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
FKIE_CVE-2024-47517
Vulnerability from fkie_nvd - Published: 2025-01-10 22:15 - Updated: 2025-09-29 12:25
Severity ?
Summary
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
References
| URL | Tags | ||
|---|---|---|---|
| psirt@arista.com | https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105 | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| arista | ng_firewall | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E5F6DA5D-4017-40E3-A4E5-6A511F97068A",
"versionEndIncluding": "17.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access"
},
{
"lang": "es",
"value": "Los tokens de autenticaci\u00f3n de administrador vencidos e inutilizables pueden ser revelados por unidades que han agotado el tiempo de acceso a ETM."
}
],
"id": "CVE-2024-47517",
"lastModified": "2025-09-29T12:25:57.620",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.1,
"impactScore": 4.7,
"source": "psirt@arista.com",
"type": "Secondary"
}
]
},
"published": "2025-01-10T22:15:25.923",
"references": [
{
"source": "psirt@arista.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"sourceIdentifier": "psirt@arista.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-1230"
}
],
"source": "psirt@arista.com",
"type": "Secondary"
}
]
}
CVE-2025-2767 (GCVE-0-2025-2767)
Vulnerability from cvelistv5 – Published: 2025-04-23 16:51 – Updated: 2025-04-23 18:04
VLAI?
Title
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability
Summary
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.
The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
Severity ?
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista | NG Firewall |
Affected:
17.1.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T18:04:12.444721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:04:24.256Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NG Firewall",
"vendor": "Arista",
"versions": [
{
"status": "affected",
"version": "17.1.1"
}
]
}
],
"dateAssigned": "2025-03-24T19:43:23.503Z",
"datePublic": "2025-03-25T23:22:46.253Z",
"descriptions": [
{
"lang": "en",
"value": "Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:51:13.474Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-181",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-181/"
}
],
"source": {
"lang": "en",
"value": "Gereon Huppertz"
},
"title": "Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-2767",
"datePublished": "2025-04-23T16:51:13.474Z",
"dateReserved": "2025-03-24T19:43:23.478Z",
"dateUpdated": "2025-04-23T18:04:24.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9188 (GCVE-0-2024-9188)
Vulnerability from cvelistv5 – Published: 2025-01-10 22:05 – Updated: 2025-01-13 20:07
VLAI?
Title
Specially constructed queries cause cross platform scripting leaking administrator tokens
Summary
Specially constructed queries cause cross platform scripting leaking administrator tokens
Severity ?
8.8 (High)
CWE
- cwe-287
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Gereon Huppertz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:07:44.936182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:07:56.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No required configuration."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gereon Huppertz"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSpecially constructed queries cause cross platform scripting leaking administrator tokens\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Specially constructed queries cause cross platform scripting leaking administrator tokens"
}
],
"impacts": [
{
"capecId": "CAPEC-39",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-39 Manipulating Opaque Client-based Data Tokens"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-287",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T22:05:26.349Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14822"
],
"discovery": "EXTERNAL"
},
"title": "Specially constructed queries cause cross platform scripting leaking administrator tokens",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No known mitigation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9188",
"datePublished": "2025-01-10T22:05:26.349Z",
"dateReserved": "2024-09-25T20:35:08.729Z",
"dateUpdated": "2025-01-13T20:07:56.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47520 (GCVE-0-2024-47520)
Vulnerability from cvelistv5 – Published: 2025-01-10 22:00 – Updated: 2025-01-13 20:11
VLAI?
Title
A user with advanced report application access rights can perform actions for which they are not authorized
Summary
A user with advanced report application access rights can perform actions for which they are not authorized
Severity ?
7.6 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:11:32.475074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:11:36.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Reports application.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-4.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe above picture shows the configuration panel for user access. The \u201c\u003ca target=\"_blank\" rel=\"nofollow\"\u003ereportuser@domain.com\u003c/a\u003e\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "If the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Reports application.\n\n\nThe above picture shows the configuration panel for user access. The \u201creportuser@domain.com\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003eA user with advanced report application access rights can perform actions for which they are not authorized\u003c/h4\u003e\u003cbr\u003e"
}
],
"value": "A user with advanced report application access rights can perform actions for which they are not authorized"
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T22:00:56.183Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14707"
],
"discovery": "EXTERNAL"
},
"title": "A user with advanced report application access rights can perform actions for which they are not authorized",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor the Reports application, for all Reports Users, disable \u003ci\u003eOnline Access.\u003c/i\u003e\u003c/p\u003e\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-5.png\"\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo do this:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and go to the Reports application.\u003c/li\u003e\u003cli\u003eFor all users with the Online Access checkbox (red box) enabled, uncheck it.\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "For the Reports application, for all Reports Users, disable Online Access.\n\n\n\n\u00a0\n\nTo do this:\n\n * As the NGFW administrator, log into the UI and go to the Reports application.\n * For all users with the Online Access checkbox (red box) enabled, uncheck it.\n * Click Save."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47520",
"datePublished": "2025-01-10T22:00:56.183Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:11:36.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47519 (GCVE-0-2024-47519)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:56 – Updated: 2025-01-13 20:12
VLAI?
Title
Backup uploads to ETM subject to man-in-the-middle interception
Summary
Backup uploads to ETM subject to man-in-the-middle interception
Severity ?
8.3 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47519",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:11:59.715430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:12:34.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-8.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eIf you do not see the Configuration Backup service application, it is not installed and the system is not vulnerable.\u003c/li\u003e\u003cli\u003eClick the Configuration Backup application\u003c/li\u003e\u003cli\u003eIf you see the status that \u003cb\u003eConfiguration Backup is disabled\u003c/b\u003e, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-9.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eClick the Cloud tab.\u003c/li\u003e\u003cli\u003eClick Backup Now.\u003c/li\u003e\u003cli\u003eLog into Edge Threat Management.\u003c/li\u003e\u003cli\u003eGo to Appliances and Backups.\u003c/li\u003e\u003cli\u003eVerify that you see a new backup.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-10.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "* As the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\n\n\n * If you do not see the Configuration Backup service application, it is not installed and the system is not vulnerable.\n * Click the Configuration Backup application\n * If you see the status that Configuration Backup is disabled, the system is not vulnerable.\n\n\n * Click the Cloud tab.\n * Click Backup Now.\n * Log into Edge Threat Management.\n * Go to Appliances and Backups.\n * Verify that you see a new backup."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBackup uploads to ETM subject to man-in-the-middle interception\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Backup uploads to ETM subject to man-in-the-middle interception"
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-322",
"description": "CWE-322",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:56:54.553Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14708"
],
"discovery": "EXTERNAL"
},
"title": "Backup uploads to ETM subject to man-in-the-middle interception",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDisable Configuration Backup application.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Disable Configuration Backup application."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47519",
"datePublished": "2025-01-10T21:56:54.553Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:12:34.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47518 (GCVE-0-2024-47518)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:52 – Updated: 2025-01-13 20:12
VLAI?
Title
Specially constructed queries targeting ETM could discover active remote access sessions
Summary
Specially constructed queries targeting ETM could discover active remote access sessions
Severity ?
6.4 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:12:47.805872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:12:59.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eLog into Edge Threat Management (ETM).\u003c/li\u003e\u003cli\u003eGo to Appliances, and click your target NGFW.\u003c/li\u003e\u003cli\u003eOn the NGFW appliance page, click Remote Access.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-6.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eLeave the connection running.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "* Log into Edge Threat Management (ETM).\n * Go to Appliances, and click your target NGFW.\n * On the NGFW appliance page, click Remote Access.\n\n\n * Leave the connection running."
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSpecially constructed queries targeting ETM could discover active remote access sessions\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Specially constructed queries targeting ETM could discover active remote access sessions"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:52:19.808Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14626"
],
"discovery": "EXTERNAL"
},
"title": "Specially constructed queries targeting ETM could discover active remote access sessions",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you have completed your Remote Access session, close the NGFW window.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "After you have completed your Remote Access session, close the NGFW window."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47518",
"datePublished": "2025-01-10T21:52:19.808Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:12:59.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47517 (GCVE-0-2024-47517)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:47 – Updated: 2025-01-13 20:13
VLAI?
Title
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
Summary
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
Severity ?
6.8 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:13:17.296191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:13:25.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eLog into Edge Threat Management (ETM).\u003c/li\u003e\u003cli\u003eGo to Appliances, and click your target NGFW.\u003c/li\u003e\u003cli\u003eOn the NGFW appliance page, click Remote Access.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-6.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eWith the NGFW UI in a new tab or window, let the connection expire. \u0026nbsp;\u003c/li\u003e\u003cli\u003eAfter the session has expired, any attempt to perform actions will notify you of the need to enable Remote Access again.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "* Log into Edge Threat Management (ETM).\n * Go to Appliances, and click your target NGFW.\n * On the NGFW appliance page, click Remote Access.\n\n\n * With the NGFW UI in a new tab or window, let the connection expire. \u00a0\n * After the session has expired, any attempt to perform actions will notify you of the need to enable Remote Access again."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExpired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access"
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1230",
"description": "CWE-1230",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:47:30.950Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14754"
],
"discovery": "EXTERNAL"
},
"title": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you have completed NGFW operations with Remote Access, close the browser window or tab.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "After you have completed NGFW operations with Remote Access, close the browser window or tab."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47517",
"datePublished": "2025-01-10T21:47:30.950Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:13:25.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9134 (GCVE-0-2024-9134)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:44 – Updated: 2025-01-13 20:14
VLAI?
Title
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
Summary
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
Severity ?
8.3 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:13:52.238229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:14:00.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Reports application.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-4.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe above picture shows the configuration panel for user access. The \u201c\u003ca target=\"_blank\" rel=\"nofollow\"\u003ereportuser@domain.com\u003c/a\u003e\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eAny compromise will reveal itself via the postgres user running a non-standard postgres process. \u0026nbsp;\u003c/p\u003e\u003cp\u003eFor example, an appropriate process list for running the postgres database will look like:\u003c/p\u003e\u003cpre\u003e# ps -u postgres -f\nUID \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; PID \u0026nbsp; PPID C STIME TTY \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; TIME CMD\npostgres 94057 \u0026nbsp; \u0026nbsp; 1 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.conf\npostgres 94063 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:02 postgres: 13/main: checkpointer\npostgres 94064 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: background writer\npostgres 94065 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:12 postgres: 13/main: walwriter\npostgres 94066 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: autovacuum launcher\npostgres 94067 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:01 postgres: 13/main: stats collector\npostgres 94068 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: logical replication launcher\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eAdditional processes run by the postgres user indicating a potential compromise may look like:\u003c/p\u003e\u003cpre\u003epostgres 100172 100171 0 Feb06 pts/2 \u0026nbsp; 00:00:00 bash\u003c/pre\u003e\u003cbr\u003e"
}
],
"value": "If the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Reports application.\n\n\nThe above picture shows the configuration panel for user access. The \u201creportuser@domain.com\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\n\nIndicators of CompromiseAny compromise will reveal itself via the postgres user running a non-standard postgres process. \u00a0\n\nFor example, an appropriate process list for running the postgres database will look like:\n\n# ps -u postgres -f\nUID \u00a0 \u00a0 \u00a0 \u00a0 PID \u00a0 PPID C STIME TTY \u00a0 \u00a0 \u00a0 \u00a0 TIME CMD\npostgres 94057 \u00a0 \u00a0 1 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.conf\npostgres 94063 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:02 postgres: 13/main: checkpointer\npostgres 94064 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: background writer\npostgres 94065 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:12 postgres: 13/main: walwriter\npostgres 94066 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: autovacuum launcher\npostgres 94067 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:01 postgres: 13/main: stats collector\npostgres 94068 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: logical replication launcher\n\n\n\u00a0\n\nAdditional processes run by the postgres user indicating a potential compromise may look like:\n\npostgres 100172 100171 0 Feb06 pts/2 \u00a0 00:00:00 bash"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMultiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:44:17.415Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14721"
],
"discovery": "EXTERNAL"
},
"title": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor the Reports application, for all Reports Users, disable \u003ci\u003eOnline Access.\u003c/i\u003e\u003c/p\u003e\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-5.png\"\u003e\u003c/p\u003e\u003cdiv\u003eTo do this:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and go to the Reports application.\u003c/li\u003e\u003cli\u003eFor all users with the \u003ci\u003eOnline Access\u003c/i\u003e\u0026nbsp;checkbox (red box) enabled, uncheck it.\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "For the Reports application, for all Reports Users, disable Online Access.\n\n\n\nTo do this:\n\n * As the NGFW administrator, log into the UI and go to the Reports application.\n * For all users with the Online Access\u00a0checkbox (red box) enabled, uncheck it.\n * Click Save."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9134",
"datePublished": "2025-01-10T21:44:17.415Z",
"dateReserved": "2024-09-23T22:01:04.566Z",
"dateUpdated": "2025-01-13T20:14:00.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9133 (GCVE-0-2024-9133)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:40 – Updated: 2025-01-13 17:50
VLAI?
Title
A user with administrator privileges is able to retrieve authentication tokens
Summary
A user with administrator privileges is able to retrieve authentication tokens
Severity ?
6.6 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9133",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T17:50:01.347130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T17:50:10.084Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No required configuration."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with administrator privileges is able to retrieve authentication tokens\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A user with administrator privileges is able to retrieve authentication tokens"
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:40:24.875Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14800"
],
"discovery": "EXTERNAL"
},
"title": "A user with administrator privileges is able to retrieve authentication tokens",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No known mitigation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9133",
"datePublished": "2025-01-10T21:40:24.875Z",
"dateReserved": "2024-09-23T22:01:02.674Z",
"dateUpdated": "2025-01-13T17:50:10.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9132 (GCVE-0-2024-9132)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:35 – Updated: 2025-01-13 17:49
VLAI?
Title
The administrator is able to configure an insecure captive portal script
Summary
The administrator is able to configure an insecure captive portal script
Severity ?
8.1 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9132",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T17:48:50.056627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T17:49:01.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-1.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eIf you do not see the Captive Portal application, it is not installed and the system is not \u003c/li\u003e\u003cli\u003evulnerable.\u003c/li\u003e\u003cli\u003eClick the Captive Portal application\u003c/li\u003e\u003cli\u003eIf you see the status that \u003cb\u003eCaptive Portal is disabled\u003c/b\u003e, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-2.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eClick the Captive Page tab.\u003c/li\u003e\u003cli\u003eIf the Custom radio button is not selected, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-3.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eAn example of a vulnerable page (The \u201cCustom\u201d radio button is selected)\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "* As the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\n\n\n * If you do not see the Captive Portal application, it is not installed and the system is not \n * vulnerable.\n * Click the Captive Portal application\n * If you see the status that Captive Portal is disabled, the system is not vulnerable.\n\n\n * Click the Captive Page tab.\n * If the Custom radio button is not selected, the system is not vulnerable.\n\n\nAn example of a vulnerable page (The \u201cCustom\u201d radio button is selected)"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe administrator is able to configure an insecure captive portal script\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The administrator is able to configure an insecure captive portal script"
}
],
"impacts": [
{
"capecId": "CAPEC-229",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-229"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:35:14.483Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14744"
],
"discovery": "EXTERNAL"
},
"title": "The administrator is able to configure an insecure captive portal script",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eDisable custom page.\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eSelect either \u201c\u003ci\u003eBasic Message\u003c/i\u003e\u201d or \u201c\u003ci\u003eBasic Login\u201d\u003c/i\u003e\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "Disable custom page.\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * Select either \u201cBasic Message\u201d or \u201cBasic Login\u201d\n * Click Save."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9132",
"datePublished": "2025-01-10T21:35:14.483Z",
"dateReserved": "2024-09-23T22:01:00.888Z",
"dateUpdated": "2025-01-13T17:49:01.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9131 (GCVE-0-2024-9131)
Vulnerability from cvelistv5 – Published: 2025-01-10 21:28 – Updated: 2025-01-13 15:45
VLAI?
Title
A user with administrator privileges can perform command injection
Summary
A user with administrator privileges can perform command injection
Severity ?
7.2 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9131",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T15:45:46.119591Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T15:45:58.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No required configuration."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with administrator privileges can perform command injection\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A user with administrator privileges can perform command injection"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:28:47.417Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14800"
],
"discovery": "EXTERNAL"
},
"title": "A user with administrator privileges can perform command injection",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No known mitigation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9131",
"datePublished": "2025-01-10T21:28:47.417Z",
"dateReserved": "2024-09-23T22:00:58.758Z",
"dateUpdated": "2025-01-13T15:45:58.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2767 (GCVE-0-2025-2767)
Vulnerability from nvd – Published: 2025-04-23 16:51 – Updated: 2025-04-23 18:04
VLAI?
Title
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability
Summary
Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.
The specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407.
Severity ?
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista | NG Firewall |
Affected:
17.1.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2767",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T18:04:12.444721Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:04:24.256Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "NG Firewall",
"vendor": "Arista",
"versions": [
{
"status": "affected",
"version": "17.1.1"
}
]
}
],
"dateAssigned": "2025-03-24T19:43:23.503Z",
"datePublic": "2025-03-25T23:22:46.253Z",
"descriptions": [
{
"lang": "en",
"value": "Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Arista NG Firewall. Minimal user interaction is required to exploit this vulnerability.\n\nThe specific flaw exists within the processing of the User-Agent HTTP header. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-24407."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:51:13.474Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-181",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-181/"
}
],
"source": {
"lang": "en",
"value": "Gereon Huppertz"
},
"title": "Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-2767",
"datePublished": "2025-04-23T16:51:13.474Z",
"dateReserved": "2025-03-24T19:43:23.478Z",
"dateUpdated": "2025-04-23T18:04:24.256Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9134 (GCVE-0-2024-9134)
Vulnerability from nvd – Published: 2025-01-10 21:44 – Updated: 2025-01-13 20:14
VLAI?
Title
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
Summary
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
Severity ?
8.3 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9134",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:13:52.238229Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:14:00.556Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Reports application.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-4.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe above picture shows the configuration panel for user access. The \u201c\u003ca target=\"_blank\" rel=\"nofollow\"\u003ereportuser@domain.com\u003c/a\u003e\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eAny compromise will reveal itself via the postgres user running a non-standard postgres process. \u0026nbsp;\u003c/p\u003e\u003cp\u003eFor example, an appropriate process list for running the postgres database will look like:\u003c/p\u003e\u003cpre\u003e# ps -u postgres -f\nUID \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; PID \u0026nbsp; PPID C STIME TTY \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; TIME CMD\npostgres 94057 \u0026nbsp; \u0026nbsp; 1 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.conf\npostgres 94063 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:02 postgres: 13/main: checkpointer\npostgres 94064 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: background writer\npostgres 94065 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:12 postgres: 13/main: walwriter\npostgres 94066 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: autovacuum launcher\npostgres 94067 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:01 postgres: 13/main: stats collector\npostgres 94068 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: logical replication launcher\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eAdditional processes run by the postgres user indicating a potential compromise may look like:\u003c/p\u003e\u003cpre\u003epostgres 100172 100171 0 Feb06 pts/2 \u0026nbsp; 00:00:00 bash\u003c/pre\u003e\u003cbr\u003e"
}
],
"value": "If the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Reports application.\n\n\nThe above picture shows the configuration panel for user access. The \u201creportuser@domain.com\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\n\nIndicators of CompromiseAny compromise will reveal itself via the postgres user running a non-standard postgres process. \u00a0\n\nFor example, an appropriate process list for running the postgres database will look like:\n\n# ps -u postgres -f\nUID \u00a0 \u00a0 \u00a0 \u00a0 PID \u00a0 PPID C STIME TTY \u00a0 \u00a0 \u00a0 \u00a0 TIME CMD\npostgres 94057 \u00a0 \u00a0 1 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.conf\npostgres 94063 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:02 postgres: 13/main: checkpointer\npostgres 94064 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: background writer\npostgres 94065 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:12 postgres: 13/main: walwriter\npostgres 94066 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: autovacuum launcher\npostgres 94067 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:01 postgres: 13/main: stats collector\npostgres 94068 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: logical replication launcher\n\n\n\u00a0\n\nAdditional processes run by the postgres user indicating a potential compromise may look like:\n\npostgres 100172 100171 0 Feb06 pts/2 \u00a0 00:00:00 bash"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMultiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges."
}
],
"impacts": [
{
"capecId": "CAPEC-66",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-66 SQL Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-89",
"description": "CWE-89",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:44:17.415Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14721"
],
"discovery": "EXTERNAL"
},
"title": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor the Reports application, for all Reports Users, disable \u003ci\u003eOnline Access.\u003c/i\u003e\u003c/p\u003e\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-5.png\"\u003e\u003c/p\u003e\u003cdiv\u003eTo do this:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and go to the Reports application.\u003c/li\u003e\u003cli\u003eFor all users with the \u003ci\u003eOnline Access\u003c/i\u003e\u0026nbsp;checkbox (red box) enabled, uncheck it.\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "For the Reports application, for all Reports Users, disable Online Access.\n\n\n\nTo do this:\n\n * As the NGFW administrator, log into the UI and go to the Reports application.\n * For all users with the Online Access\u00a0checkbox (red box) enabled, uncheck it.\n * Click Save."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9134",
"datePublished": "2025-01-10T21:44:17.415Z",
"dateReserved": "2024-09-23T22:01:04.566Z",
"dateUpdated": "2025-01-13T20:14:00.556Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9188 (GCVE-0-2024-9188)
Vulnerability from nvd – Published: 2025-01-10 22:05 – Updated: 2025-01-13 20:07
VLAI?
Title
Specially constructed queries cause cross platform scripting leaking administrator tokens
Summary
Specially constructed queries cause cross platform scripting leaking administrator tokens
Severity ?
8.8 (High)
CWE
- cwe-287
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Gereon Huppertz
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:07:44.936182Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:07:56.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No required configuration."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gereon Huppertz"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSpecially constructed queries cause cross platform scripting leaking administrator tokens\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Specially constructed queries cause cross platform scripting leaking administrator tokens"
}
],
"impacts": [
{
"capecId": "CAPEC-39",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-39 Manipulating Opaque Client-based Data Tokens"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "cwe-287",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T22:05:26.349Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14822"
],
"discovery": "EXTERNAL"
},
"title": "Specially constructed queries cause cross platform scripting leaking administrator tokens",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No known mitigation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9188",
"datePublished": "2025-01-10T22:05:26.349Z",
"dateReserved": "2024-09-25T20:35:08.729Z",
"dateUpdated": "2025-01-13T20:07:56.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47520 (GCVE-0-2024-47520)
Vulnerability from nvd – Published: 2025-01-10 22:00 – Updated: 2025-01-13 20:11
VLAI?
Title
A user with advanced report application access rights can perform actions for which they are not authorized
Summary
A user with advanced report application access rights can perform actions for which they are not authorized
Severity ?
7.6 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47520",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:11:32.475074Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:11:36.240Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIf the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Reports application.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-4.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe above picture shows the configuration panel for user access. The \u201c\u003ca target=\"_blank\" rel=\"nofollow\"\u003ereportuser@domain.com\u003c/a\u003e\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "If the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Reports application.\n\n\nThe above picture shows the configuration panel for user access. The \u201creportuser@domain.com\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003eA user with advanced report application access rights can perform actions for which they are not authorized\u003c/h4\u003e\u003cbr\u003e"
}
],
"value": "A user with advanced report application access rights can perform actions for which they are not authorized"
}
],
"impacts": [
{
"capecId": "CAPEC-180",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-653",
"description": "CWE-653",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T22:00:56.183Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14707"
],
"discovery": "EXTERNAL"
},
"title": "A user with advanced report application access rights can perform actions for which they are not authorized",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eFor the Reports application, for all Reports Users, disable \u003ci\u003eOnline Access.\u003c/i\u003e\u003c/p\u003e\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-5.png\"\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo do this:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and go to the Reports application.\u003c/li\u003e\u003cli\u003eFor all users with the Online Access checkbox (red box) enabled, uncheck it.\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "For the Reports application, for all Reports Users, disable Online Access.\n\n\n\n\u00a0\n\nTo do this:\n\n * As the NGFW administrator, log into the UI and go to the Reports application.\n * For all users with the Online Access checkbox (red box) enabled, uncheck it.\n * Click Save."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47520",
"datePublished": "2025-01-10T22:00:56.183Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:11:36.240Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47519 (GCVE-0-2024-47519)
Vulnerability from nvd – Published: 2025-01-10 21:56 – Updated: 2025-01-13 20:12
VLAI?
Title
Backup uploads to ETM subject to man-in-the-middle interception
Summary
Backup uploads to ETM subject to man-in-the-middle interception
Severity ?
8.3 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47519",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:11:59.715430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:12:34.769Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-8.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eIf you do not see the Configuration Backup service application, it is not installed and the system is not vulnerable.\u003c/li\u003e\u003cli\u003eClick the Configuration Backup application\u003c/li\u003e\u003cli\u003eIf you see the status that \u003cb\u003eConfiguration Backup is disabled\u003c/b\u003e, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-9.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eClick the Cloud tab.\u003c/li\u003e\u003cli\u003eClick Backup Now.\u003c/li\u003e\u003cli\u003eLog into Edge Threat Management.\u003c/li\u003e\u003cli\u003eGo to Appliances and Backups.\u003c/li\u003e\u003cli\u003eVerify that you see a new backup.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-10.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "* As the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\n\n\n * If you do not see the Configuration Backup service application, it is not installed and the system is not vulnerable.\n * Click the Configuration Backup application\n * If you see the status that Configuration Backup is disabled, the system is not vulnerable.\n\n\n * Click the Cloud tab.\n * Click Backup Now.\n * Log into Edge Threat Management.\n * Go to Appliances and Backups.\n * Verify that you see a new backup."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBackup uploads to ETM subject to man-in-the-middle interception\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Backup uploads to ETM subject to man-in-the-middle interception"
}
],
"impacts": [
{
"capecId": "CAPEC-94",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-94 Adversary in the Middle (AiTM)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-322",
"description": "CWE-322",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:56:54.553Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14708"
],
"discovery": "EXTERNAL"
},
"title": "Backup uploads to ETM subject to man-in-the-middle interception",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDisable Configuration Backup application.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Disable Configuration Backup application."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47519",
"datePublished": "2025-01-10T21:56:54.553Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:12:34.769Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47518 (GCVE-0-2024-47518)
Vulnerability from nvd – Published: 2025-01-10 21:52 – Updated: 2025-01-13 20:12
VLAI?
Title
Specially constructed queries targeting ETM could discover active remote access sessions
Summary
Specially constructed queries targeting ETM could discover active remote access sessions
Severity ?
6.4 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47518",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:12:47.805872Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:12:59.435Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eLog into Edge Threat Management (ETM).\u003c/li\u003e\u003cli\u003eGo to Appliances, and click your target NGFW.\u003c/li\u003e\u003cli\u003eOn the NGFW appliance page, click Remote Access.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-6.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eLeave the connection running.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "* Log into Edge Threat Management (ETM).\n * Go to Appliances, and click your target NGFW.\n * On the NGFW appliance page, click Remote Access.\n\n\n * Leave the connection running."
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSpecially constructed queries targeting ETM could discover active remote access sessions\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Specially constructed queries targeting ETM could discover active remote access sessions"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-552",
"description": "CWE-552",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:52:19.808Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14626"
],
"discovery": "EXTERNAL"
},
"title": "Specially constructed queries targeting ETM could discover active remote access sessions",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you have completed your Remote Access session, close the NGFW window.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "After you have completed your Remote Access session, close the NGFW window."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47518",
"datePublished": "2025-01-10T21:52:19.808Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:12:59.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-47517 (GCVE-0-2024-47517)
Vulnerability from nvd – Published: 2025-01-10 21:47 – Updated: 2025-01-13 20:13
VLAI?
Title
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
Summary
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
Severity ?
6.8 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-47517",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T20:13:17.296191Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T20:13:25.964Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eLog into Edge Threat Management (ETM).\u003c/li\u003e\u003cli\u003eGo to Appliances, and click your target NGFW.\u003c/li\u003e\u003cli\u003eOn the NGFW appliance page, click Remote Access.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-6.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eWith the NGFW UI in a new tab or window, let the connection expire. \u0026nbsp;\u003c/li\u003e\u003cli\u003eAfter the session has expired, any attempt to perform actions will notify you of the need to enable Remote Access again.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "* Log into Edge Threat Management (ETM).\n * Go to Appliances, and click your target NGFW.\n * On the NGFW appliance page, click Remote Access.\n\n\n * With the NGFW UI in a new tab or window, let the connection expire. \u00a0\n * After the session has expired, any attempt to perform actions will notify you of the need to enable Remote Access again."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExpired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access"
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1230",
"description": "CWE-1230",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:47:30.950Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14754"
],
"discovery": "EXTERNAL"
},
"title": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you have completed NGFW operations with Remote Access, close the browser window or tab.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "After you have completed NGFW operations with Remote Access, close the browser window or tab."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-47517",
"datePublished": "2025-01-10T21:47:30.950Z",
"dateReserved": "2024-09-25T20:29:43.984Z",
"dateUpdated": "2025-01-13T20:13:25.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9133 (GCVE-0-2024-9133)
Vulnerability from nvd – Published: 2025-01-10 21:40 – Updated: 2025-01-13 17:50
VLAI?
Title
A user with administrator privileges is able to retrieve authentication tokens
Summary
A user with administrator privileges is able to retrieve authentication tokens
Severity ?
6.6 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9133",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T17:50:01.347130Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T17:50:10.084Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No required configuration."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with administrator privileges is able to retrieve authentication tokens\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A user with administrator privileges is able to retrieve authentication tokens"
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:40:24.875Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14800"
],
"discovery": "EXTERNAL"
},
"title": "A user with administrator privileges is able to retrieve authentication tokens",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No known mitigation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9133",
"datePublished": "2025-01-10T21:40:24.875Z",
"dateReserved": "2024-09-23T22:01:02.674Z",
"dateUpdated": "2025-01-13T17:50:10.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9132 (GCVE-0-2024-9132)
Vulnerability from nvd – Published: 2025-01-10 21:35 – Updated: 2025-01-13 17:49
VLAI?
Title
The administrator is able to configure an insecure captive portal script
Summary
The administrator is able to configure an insecure captive portal script
Severity ?
8.1 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9132",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T17:48:50.056627Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T17:49:01.649Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-1.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eIf you do not see the Captive Portal application, it is not installed and the system is not \u003c/li\u003e\u003cli\u003evulnerable.\u003c/li\u003e\u003cli\u003eClick the Captive Portal application\u003c/li\u003e\u003cli\u003eIf you see the status that \u003cb\u003eCaptive Portal is disabled\u003c/b\u003e, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-2.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eClick the Captive Page tab.\u003c/li\u003e\u003cli\u003eIf the Custom radio button is not selected, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-3.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eAn example of a vulnerable page (The \u201cCustom\u201d radio button is selected)\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "* As the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\n\n\n * If you do not see the Captive Portal application, it is not installed and the system is not \n * vulnerable.\n * Click the Captive Portal application\n * If you see the status that Captive Portal is disabled, the system is not vulnerable.\n\n\n * Click the Captive Page tab.\n * If the Custom radio button is not selected, the system is not vulnerable.\n\n\nAn example of a vulnerable page (The \u201cCustom\u201d radio button is selected)"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe administrator is able to configure an insecure captive portal script\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "The administrator is able to configure an insecure captive portal script"
}
],
"impacts": [
{
"capecId": "CAPEC-229",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-229"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:35:14.483Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14744"
],
"discovery": "EXTERNAL"
},
"title": "The administrator is able to configure an insecure captive portal script",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eDisable custom page.\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eSelect either \u201c\u003ci\u003eBasic Message\u003c/i\u003e\u201d or \u201c\u003ci\u003eBasic Login\u201d\u003c/i\u003e\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "Disable custom page.\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * Select either \u201cBasic Message\u201d or \u201cBasic Login\u201d\n * Click Save."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9132",
"datePublished": "2025-01-10T21:35:14.483Z",
"dateReserved": "2024-09-23T22:01:00.888Z",
"dateUpdated": "2025-01-13T17:49:01.649Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-9131 (GCVE-0-2024-9131)
Vulnerability from nvd – Published: 2025-01-10 21:28 – Updated: 2025-01-13 15:45
VLAI?
Title
A user with administrator privileges can perform command injection
Summary
A user with administrator privileges can perform command injection
Severity ?
7.2 (High)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management |
Affected:
17.1.0 , ≤ 17.1.1
(custom)
|
Credits
Mehmet INCE from PRODAFT.com
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-9131",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-13T15:45:46.119591Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-13T15:45:58.848Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.1.1",
"status": "affected",
"version": "17.1.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No required configuration."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Mehmet INCE from PRODAFT.com"
}
],
"datePublic": "2024-10-29T20:20:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with administrator privileges can perform command injection\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "A user with administrator privileges can perform command injection"
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-88",
"description": "CWE-88",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T21:28:47.417Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade"
}
],
"source": {
"advisory": "105",
"defect": [
"NGFW-14800"
],
"discovery": "EXTERNAL"
},
"title": "A user with administrator privileges can perform command injection",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "No known mitigation."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2024-9131",
"datePublished": "2025-01-10T21:28:47.417Z",
"dateReserved": "2024-09-23T22:00:58.758Z",
"dateUpdated": "2025-01-13T15:45:58.848Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}