CVE-2024-47518

Medium CVSS: 6.4

Specially constructed queries targeting ETM could discover active remote access sessions

Vendor

Product

CWE

Yayın Tarihi

2025-01-10 22:15:26

Güncelleme

2025-09-29 12:30:54

Source Identifier

psirt@arista.com

KEV Date Added

CWE-552 Ng Firewall MEDIUM Arista 2025

https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105

Critical

CVE-2025-2767

Arista NG Firewall User-Agent Cross-Site Scripting Remote Code Execution Vulnerability. This vulnerability allows remote…

High

CVE-2024-9134

Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application acce…

High

CVE-2024-9188

Specially constructed queries cause cross platform scripting leaking administrator tokens

Medium

CVE-2024-9133

A user with administrator privileges is able to retrieve authentication tokens

High

CVE-2024-47519

Backup uploads to ETM subject to man-in-the-middle interception

High

CVE-2024-47520

A user with advanced report application access rights can perform actions for which they are not authorized