Vendor
Arista Networks
Products
1
CVEs
9
Across products
9
Status
Private
Products
1- 9 CVEs
Recent CVEs
9| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-9188 | 0.00 | — | 0.01 | Jan 10, 2025 | Specially constructed queries cause cross platform scripting leaking administrator tokens | ||
| CVE-2024-47520 | 0.00 | — | 0.00 | Jan 10, 2025 | A user with advanced report application access rights can perform actions for which they are not authorized | ||
| CVE-2024-47519 | 0.00 | — | 0.00 | Jan 10, 2025 | Backup uploads to ETM subject to man-in-the-middle interception | ||
| CVE-2024-47518 | 0.00 | — | 0.00 | Jan 10, 2025 | Specially constructed queries targeting ETM could discover active remote access sessions | ||
| CVE-2024-47517 | 0.00 | — | 0.00 | Jan 10, 2025 | Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access | ||
| CVE-2024-9134 | 0.00 | — | 0.00 | Jan 10, 2025 | Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. | ||
| CVE-2024-9133 | 0.00 | — | 0.00 | Jan 10, 2025 | A user with administrator privileges is able to retrieve authentication tokens | ||
| CVE-2024-9132 | 0.00 | — | 0.01 | Jan 10, 2025 | The administrator is able to configure an insecure captive portal script | ||
| CVE-2024-9131 | 0.00 | — | 0.00 | Jan 10, 2025 | A user with administrator privileges can perform command injection |