CVE-2026-25624

CVSS Score & Metrics

Base Score

5.7 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L                                    

Vulnerability Description

An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processing behavior controls.

Vulnerability Details

Published Date

June 05, 2026

Last Modified

June 05, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Arista Networks

Product

Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)

External References

https://www.arista.com/en/support/advisories-notices/security-advisory/23399-security-advisory-0133

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment