Arista Edge Threat Management Backup Uploads Vulnerable to Man-in-the-Middle Interception

Vulnerability

A vulnerability exists in Configuration Backup uploads from the Arista NG Firewall (NGFW) to Arista Edge Threat Management (ETM) that allows for man-in-the-middle interception. This issue affects all NGFW versions through 17.1.1. When the Configuration Backup service is enabled, backups can be intercepted during the upload process to ETM.

Impact

Exploitation of this vulnerability could lead to unauthorized interception of backup data during uploads to Edge Threat Management.

Reproduction

To reproduce this vulnerability, an administrator must log in to the Arista NG Firewall user interface and navigate to the Apps and Services page. If the Configuration Backup service is not installed or is disabled, the system is not vulnerable. Once the service is confirmed to be active, the administrator can initiate a backup, which will then be subject to interception while being uploaded to Edge Threat Management.

Remediation

The recommended action is to disable the Configuration Backup application. After disabling it, save the changes.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 0.6
exploitability: 6.2
remediation: 8.3
relevance: 0.0
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.