Arista: >> Ng Firewall >> 14.1.1 Security Vulnerabilities
A user with administrator privileges is able to retrieve authentication tokens
CVSS Score
6.6
EPSS Score
0.0
Published
2025-01-10
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
CVSS Score
6.8
EPSS Score
0.001
Published
2025-01-10
Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.
CVSS Score
8.8
EPSS Score
0.002
Published
2024-03-04
Page 2