Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:LArista Ng Firewall
APPArista≤ 17.1.1
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
Related vulnerabilities
CVE-2025-2767CRITICAL9.6PL ✓ten sam produkt
Arista NG Firewall: XSS w nagłówku User-Agent prowadzący do RCE
CVE-2026-25622HIGH7.0ten sam produkt
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Aris...
CVE-2026-25621HIGH7.0ten sam produkt
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Gener...
CVE-2026-25620HIGH7.0ten sam produkt
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Ar...
CVE-2026-25623HIGH7.0ten sam produkt
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge T...