Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Arista Networks — Vulnerabilities & Security Advisories 64

Browse all 64 CVE security advisories affecting Arista Networks. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Arista Networks specializes in high-performance data center switching and cloud networking solutions, primarily serving enterprise and service provider infrastructure. With sixty-four recorded Common Vulnerabilities and Exposures (CVEs), the company’s historical attack surface has predominantly featured remote code execution, cross-site scripting, and privilege escalation flaws within its management interfaces and network operating systems. These vulnerabilities often stem from input validation errors or improper access controls in legacy software versions, allowing attackers to gain unauthorized administrative access or disrupt network services. While Arista maintains a robust security posture through regular firmware updates and secure boot mechanisms, past incidents highlight the risks associated with complex network management platforms. The company actively addresses these issues via security advisories, emphasizing the importance of timely patching for deployed infrastructure to mitigate potential exploitation by malicious actors targeting critical network backbone components.

Found 9 results / 64Clear Filters
Top products by Arista Networks: EOS Arista Edge Threat Management Arista EOS DANZ Monitoring Fabric CloudVision Portal Arista Edge Threat Management - Arista Next Generation Firewall Terminattr MOS Arista Edge Threat Management - Arista NG Firewall (NGFW) Arista Wireless Access Points EOS-Policy Based Routing (PBR) CloudVision Appliance CloudVision
CVE IDTitleCVSSSeverityPublished
CVE-2024-9188 Specially constructed queries cause cross platform scripting leaking administrator tokens — Arista Edge Threat Management 8.8 High2025-01-10
CVE-2024-47520 A user with advanced report application access rights can perform actions for which they are not authorized — Arista Edge Threat ManagementCWE-653 7.6 High2025-01-10
CVE-2024-47519 Backup uploads to ETM subject to man-in-the-middle interception — Arista Edge Threat ManagementCWE-322 8.3 High2025-01-10
CVE-2024-47518 Specially constructed queries targeting ETM could discover active remote access sessions — Arista Edge Threat ManagementCWE-552 6.4 Medium2025-01-10
CVE-2024-47517 Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access — Arista Edge Threat ManagementCWE-1230 6.8 Medium2025-01-10
CVE-2024-9134 Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges. — Arista Edge Threat ManagementCWE-89 8.3 High2025-01-10
CVE-2024-9133 A user with administrator privileges is able to retrieve authentication tokens — Arista Edge Threat ManagementCWE-287 6.6 Medium2025-01-10
CVE-2024-9132 The administrator is able to configure an insecure captive portal script — Arista Edge Threat ManagementCWE-94 8.1 High2025-01-10
CVE-2024-9131 A user with administrator privileges can perform command injection — Arista Edge Threat ManagementCWE-88 7.2 High2025-01-10

This page lists every published CVE security advisory associated with Arista Networks. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.