Arista Next Generation Firewall

CVEs (2)

CVE	Vendor / Product	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2026-25620	Arista Arista Next Generation Firewall	Med	0.39	6.0	0.00		Jun 5, 2026	An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
CVE-2026-25624	Arista Arista Next Generation Firewall	Med	0.37	5.7	0.00		Jun 5, 2026	An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating…

CVE-2026-25620MedJun 5, 2026
Arista
Arista Next Generation Firewall
risk 0.39cvss 6.0epss 0.00
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely affects version 17.4.0; earlier software releases are not exposed.
CVE-2026-25624MedJun 5, 2026
Arista
Arista Next Generation Firewall
risk 0.37cvss 5.7epss 0.00
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating…