CVE-2024-27889 — CVSS 8.8 (high): Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW)…
CVE-2024-9134 — CVSS 8.3 (high): Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can…
CVE-2024-47517 — CVSS 6.8 (medium): Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
CVE-2024-12832 — CVSS 6.3 (medium): Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability. This vulnerability allows remote attackers to…
CVE-2026-25620 — CVSS 6.0 (medium): An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management -…
CVE-2026-25621 — CVSS 6.0 (medium): A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to…
CVE-2026-25622 — CVSS 6.0 (medium): A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall…
CVE-2026-25623 — CVSS 6.0 (medium): An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista…
CVE-2026-25624 — CVSS 5.7 (medium): An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat…