Arista Edge Threat Management
cpe:2.3:a:arista:ng_firewall:*:*:*:*:*:*:*
- <= 17.1.1
A cross-site scripting vulnerability has been identified in Arista Edge Threat Management - Arista NG Firewall, specifically in versions through 17.1.1. This vulnerability allows specially crafted queries to leak administrator authentication tokens. The issue arises from improper handling of query data, which can be exploited to access sensitive token information.
Exploitation of this vulnerability leads to the unauthorized disclosure of administrator authentication tokens, which could be used to impersonate an administrator.
To reproduce this vulnerability, an administrator can log into the Arista NG Firewall user interface and navigate to the Reports section. From there, under Administration, click 'All Settings Changes' to view the logs. The vulnerability can be exploited by sending specially constructed queries that will appear as changes from an unrecognized hostname or IP address, indicating a leak of administrator tokens.
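The check described above, settings changes attributed to an unrecognized hostname or IP address, can be run over an exported copy of the 'All Settings Changes' report. This is an added example, not code from Arista or from the original page; the CSV column names, the sample rows and the allowlist values are constructed assumptions.

```python
import csv
import io
import ipaddress

# Assumed allowlist: admin workstations/networks expected to change settings
# (constructed values, replace with your own).
TRUSTED_NETWORKS = [ipaddress.ip_network("10.20.0.0/24")]
TRUSTED_HOSTNAMES = {"admin-ws01.corp.example"}

# Constructed sample export. Column names are assumptions for illustration,
# not a documented export format.
SAMPLE_EXPORT = """time_stamp,username,hostname,settings_file
2024-05-01 09:12:44,admin,10.20.0.15,network.js
2024-05-01 09:40:02,admin,admin-ws01.corp.example,firewall.js
2024-05-02 03:17:51,admin,203.0.113.77,admin.js
2024-05-02 03:18:09,admin,unknown-host.example.net,admin.js
"""


def is_trusted(source):
    """True if the source (IP literal or hostname) is on the allowlist."""
    source = source.strip().lower()
    try:
        addr = ipaddress.ip_address(source)
    except ValueError:
        # Not an IP literal: treat it as a hostname. Empty values are untrusted.
        return source in TRUSTED_HOSTNAMES
    return any(addr in net for net in TRUSTED_NETWORKS)


def unrecognized_changes(export_text):
    """Return rows whose source host is missing or not on the allowlist."""
    reader = csv.DictReader(io.StringIO(export_text))
    return [row for row in reader if not is_trusted(row.get("hostname") or "")]


if __name__ == "__main__":
    for row in unrecognized_changes(SAMPLE_EXPORT):
        print(f'{row["time_stamp"]} {row["username"]} from '
              f'{row["hostname"]} changed {row["settings_file"]}')
```

Any row this returns is a settings change made with administrator credentials from a source you did not expect, which is the signal the advisory text points to for leaked tokens.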
Users are advised to upgrade to Arista NG Firewall version 17.2.