Refine your search
6 vulnerabilities found for Arista Edge Threat Management - Arista Next Generation Firewall by Arista Networks
CVE-2025-6980 (GCVE-0-2025-6980)
Vulnerability from nvd
Published
2025-10-23 18:41
Modified
2025-10-23 18:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Captive Portal can expose sensitive information
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management - Arista Next Generation Firewall |
Version: 0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T18:59:53.166328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:59:58.995Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management - Arista Next Generation Firewall",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.3.1",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003e1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive information\u003c/h4\u003e\u003cdiv\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIf the Captive Portal application is installed and enabled, the systems are vulnerable.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"\u003e\u003c/p\u003e\u003cp\u003eThe above shows Captive Portal as enabled.\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cdiv\u003eNo evidence of compromise exists.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003ch4\u003eMitigation\u003c/h4\u003e\u003cp\u003eDisable Captive Portal.\u003c/p\u003e\u003cdiv\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/div\u003e\u003col\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eMove the Enabled slider to disabled.\u003c/li\u003e\u003cli\u003eClick Save\u003c/li\u003e\u003cli\u003eDisable Captive Portal.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003ch4\u003e2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypass\u003c/h4\u003e\u003cdiv\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIf the Captive Portal application is installed and enabled, the systems are vulnerable.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"\u003e\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eNo evidence of compromise exists.\u003c/p\u003e\u003ch4\u003eMitigation\u003c/h4\u003e\u003cp\u003eDisable Captive Portal.\u003c/p\u003e\u003cdiv\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/div\u003e\u003col\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eMove the Enabled slider to disabled.\u003c/li\u003e\u003cli\u003eClick Save\u003c/li\u003e\u003cli\u003eDisable Captive Portal.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"\u003e\u003c/p\u003e\u003ch4\u003e3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerability\u003c/h4\u003e\u003cp\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003eA successful attack requires administrative access to the NGFW UI.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive informationRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nThe above shows Captive Portal as enabled.\n\nIndicators of CompromiseNo evidence of compromise exists.\n\n\u00a0\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n\u00a0\n\n2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypassRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nIndicators of CompromiseNo evidence of compromise exists.\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerabilityRequired Configuration for Exploitation\n\n * A successful attack requires administrative access to the NGFW UI."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.3.1",
"versionStartIncluding": "0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6980"
}
],
"datePublic": "2025-10-21T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCaptive Portal can expose sensitive information\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Captive Portal can expose sensitive information"
}
],
"impacts": [
{
"capecId": "CAPEC-410",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-410 Information Elicitation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:41:47.326Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to the version indicated below at your earliest convenience.\u003c/p\u003e\u003cul\u003e\u003cli\u003e17.4 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"
}
],
"source": {
"advisory": "123",
"defect": [
"NGFW-15197"
],
"discovery": "EXTERNAL"
},
"title": "Captive Portal can expose sensitive information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDo not allow non-authorized administrative access or access to the administrative browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Do not allow non-authorized administrative access or access to the administrative browser."
}
],
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-6980",
"datePublished": "2025-10-23T18:41:47.326Z",
"dateReserved": "2025-07-01T16:53:05.372Z",
"dateUpdated": "2025-10-23T18:59:58.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6979 (GCVE-0-2025-6979)
Vulnerability from nvd
Published
2025-10-23 18:46
Modified
2025-10-23 18:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Captive Portal can allow authentication bypass
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management - Arista Next Generation Firewall |
Version: 0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T18:59:26.677141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:59:32.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management - Arista Next Generation Firewall",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.3.1",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003eCVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypass\u003c/h4\u003e\u003cdiv\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIf the Captive Portal application is installed and enabled, the systems are vulnerable.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"\u003e\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eNo evidence of compromise exists.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypassRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nIndicators of CompromiseNo evidence of compromise exists."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.3.1",
"versionStartIncluding": "0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6979"
}
],
"datePublic": "2025-10-21T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCaptive Portal can allow authentication bypass\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Captive Portal can allow authentication bypass"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:46:37.557Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to the version indicated below at your earliest convenience.\u003c/p\u003e\u003cul\u003e\u003cli\u003e17.4 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"
}
],
"source": {
"advisory": "123",
"defect": [
"NGFW-15196"
],
"discovery": "EXTERNAL"
},
"title": "Captive Portal can allow authentication bypass",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003eMitigation\u003c/h4\u003e\u003cp\u003eDisable Captive Portal.\u003c/p\u003e\u003cdiv\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/div\u003e\u003col\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eMove the Enabled slider to disabled.\u003c/li\u003e\u003cli\u003eClick Save\u003c/li\u003e\u003cli\u003eDisable Captive Portal.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "MitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal."
}
],
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-6979",
"datePublished": "2025-10-23T18:46:37.557Z",
"dateReserved": "2025-07-01T16:53:03.559Z",
"dateUpdated": "2025-10-23T18:59:32.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6978 (GCVE-0-2025-6978)
Vulnerability from nvd
Published
2025-10-23 18:50
Modified
2025-10-23 18:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Diagnostics command injection vulnerability
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management - Arista Next Generation Firewall |
Version: 0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T18:58:35.986380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:58:45.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management - Arista Next Generation Firewall",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.3.1",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003e\u003c/h4\u003e\u003ch4\u003eCVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerability\u003c/h4\u003e\u003cp\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003eA successful attack requires administrative access to the NGFW UI.\u003c/li\u003e\u003c/ol\u003e"
}
],
"value": "CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerabilityRequired Configuration for Exploitation\n\n * A successful attack requires administrative access to the NGFW UI."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.3.1",
"versionStartIncluding": "0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6978"
}
],
"datePublic": "2025-10-21T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDiagnostics command injection vulnerability\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Diagnostics command injection vulnerability"
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:50:14.706Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to the version indicated below at your earliest convenience.\u003c/p\u003e\u003cul\u003e\u003cli\u003e17.4 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"
}
],
"source": {
"advisory": "123",
"defect": [
"NGFW-15195"
],
"discovery": "EXTERNAL"
},
"title": "Diagnostics command injection vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003e\u003c/h4\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDo not allow non-authorized administrative access or access to the administrative browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Do not allow non-authorized administrative access or access to the administrative browser."
}
],
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-6978",
"datePublished": "2025-10-23T18:50:14.706Z",
"dateReserved": "2025-07-01T16:52:56.316Z",
"dateUpdated": "2025-10-23T18:58:45.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6978 (GCVE-0-2025-6978)
Vulnerability from cvelistv5
Published
2025-10-23 18:50
Modified
2025-10-23 18:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
Diagnostics command injection vulnerability
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management - Arista Next Generation Firewall |
Version: 0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6978",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T18:58:35.986380Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:58:45.528Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management - Arista Next Generation Firewall",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.3.1",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003e\u003c/h4\u003e\u003ch4\u003eCVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerability\u003c/h4\u003e\u003cp\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003eA successful attack requires administrative access to the NGFW UI.\u003c/li\u003e\u003c/ol\u003e"
}
],
"value": "CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerabilityRequired Configuration for Exploitation\n\n * A successful attack requires administrative access to the NGFW UI."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.3.1",
"versionStartIncluding": "0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6978"
}
],
"datePublic": "2025-10-21T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDiagnostics command injection vulnerability\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Diagnostics command injection vulnerability"
}
],
"impacts": [
{
"capecId": "CAPEC-248",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-248 Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:50:14.706Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to the version indicated below at your earliest convenience.\u003c/p\u003e\u003cul\u003e\u003cli\u003e17.4 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"
}
],
"source": {
"advisory": "123",
"defect": [
"NGFW-15195"
],
"discovery": "EXTERNAL"
},
"title": "Diagnostics command injection vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003e\u003c/h4\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDo not allow non-authorized administrative access or access to the administrative browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Do not allow non-authorized administrative access or access to the administrative browser."
}
],
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-6978",
"datePublished": "2025-10-23T18:50:14.706Z",
"dateReserved": "2025-07-01T16:52:56.316Z",
"dateUpdated": "2025-10-23T18:58:45.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6979 (GCVE-0-2025-6979)
Vulnerability from cvelistv5
Published
2025-10-23 18:46
Modified
2025-10-23 18:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
Captive Portal can allow authentication bypass
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management - Arista Next Generation Firewall |
Version: 0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6979",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T18:59:26.677141Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:59:32.658Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management - Arista Next Generation Firewall",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.3.1",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003eCVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypass\u003c/h4\u003e\u003cdiv\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIf the Captive Portal application is installed and enabled, the systems are vulnerable.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"\u003e\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eNo evidence of compromise exists.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypassRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nIndicators of CompromiseNo evidence of compromise exists."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.3.1",
"versionStartIncluding": "0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6979"
}
],
"datePublic": "2025-10-21T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCaptive Portal can allow authentication bypass\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Captive Portal can allow authentication bypass"
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:46:37.557Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to the version indicated below at your earliest convenience.\u003c/p\u003e\u003cul\u003e\u003cli\u003e17.4 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"
}
],
"source": {
"advisory": "123",
"defect": [
"NGFW-15196"
],
"discovery": "EXTERNAL"
},
"title": "Captive Portal can allow authentication bypass",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003eMitigation\u003c/h4\u003e\u003cp\u003eDisable Captive Portal.\u003c/p\u003e\u003cdiv\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/div\u003e\u003col\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eMove the Enabled slider to disabled.\u003c/li\u003e\u003cli\u003eClick Save\u003c/li\u003e\u003cli\u003eDisable Captive Portal.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "MitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal."
}
],
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-6979",
"datePublished": "2025-10-23T18:46:37.557Z",
"dateReserved": "2025-07-01T16:53:03.559Z",
"dateUpdated": "2025-10-23T18:59:32.658Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-6980 (GCVE-0-2025-6980)
Vulnerability from cvelistv5
Published
2025-10-23 18:41
Modified
2025-10-23 18:59
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Captive Portal can expose sensitive information
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Arista Networks | Arista Edge Threat Management - Arista Next Generation Firewall |
Version: 0.0 < |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-6980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-23T18:59:53.166328Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:59:58.995Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Arista Edge Threat Management - Arista Next Generation Firewall",
"vendor": "Arista Networks",
"versions": [
{
"lessThanOrEqual": "17.3.1",
"status": "affected",
"version": "0.0",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ch4\u003e1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive information\u003c/h4\u003e\u003cdiv\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIf the Captive Portal application is installed and enabled, the systems are vulnerable.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"\u003e\u003c/p\u003e\u003cp\u003eThe above shows Captive Portal as enabled.\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cdiv\u003eNo evidence of compromise exists.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003ch4\u003eMitigation\u003c/h4\u003e\u003cp\u003eDisable Captive Portal.\u003c/p\u003e\u003cdiv\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/div\u003e\u003col\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eMove the Enabled slider to disabled.\u003c/li\u003e\u003cli\u003eClick Save\u003c/li\u003e\u003cli\u003eDisable Captive Portal.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003ch4\u003e2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypass\u003c/h4\u003e\u003cdiv\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eIf the Captive Portal application is installed and enabled, the systems are vulnerable.\u003c/div\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"\u003e\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eNo evidence of compromise exists.\u003c/p\u003e\u003ch4\u003eMitigation\u003c/h4\u003e\u003cp\u003eDisable Captive Portal.\u003c/p\u003e\u003cdiv\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/div\u003e\u003col\u003e\u003cli\u003eIf the Captive Portal application is not installed, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eIf Captive Portal is not enabled, the system is not vulnerable.\u003c/li\u003e\u003cli\u003eMove the Enabled slider to disabled.\u003c/li\u003e\u003cli\u003eClick Save\u003c/li\u003e\u003cli\u003eDisable Captive Portal.\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cimg alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"\u003e\u003c/p\u003e\u003ch4\u003e3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerability\u003c/h4\u003e\u003cp\u003e\u003cb\u003eRequired Configuration for Exploitation\u003c/b\u003e\u003c/p\u003e\u003col\u003e\u003cli\u003eA successful attack requires administrative access to the NGFW UI.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e"
}
],
"value": "1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive informationRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nThe above shows Captive Portal as enabled.\n\nIndicators of CompromiseNo evidence of compromise exists.\n\n\u00a0\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n\u00a0\n\n2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypassRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nIndicators of CompromiseNo evidence of compromise exists.\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerabilityRequired Configuration for Exploitation\n\n * A successful attack requires administrative access to the NGFW UI."
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*",
"versionEndIncluding": "17.3.1",
"versionStartIncluding": "0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6980"
}
],
"datePublic": "2025-10-21T15:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eCaptive Portal can expose sensitive information\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Captive Portal can expose sensitive information"
}
],
"impacts": [
{
"capecId": "CAPEC-410",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-410 Information Elicitation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-23T18:41:47.326Z",
"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"shortName": "Arista"
},
"references": [
{
"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThe recommended resolution is to upgrade to the version indicated below at your earliest convenience.\u003c/p\u003e\u003cul\u003e\u003cli\u003e17.4 Upgrade\u003c/li\u003e\u003c/ul\u003e"
}
],
"value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"
}
],
"source": {
"advisory": "123",
"defect": [
"NGFW-15197"
],
"discovery": "EXTERNAL"
},
"title": "Captive Portal can expose sensitive information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDo not allow non-authorized administrative access or access to the administrative browser.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Do not allow non-authorized administrative access or access to the administrative browser."
}
],
"x_generator": {
"engine": "Vulnogram 0.4.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7",
"assignerShortName": "Arista",
"cveId": "CVE-2025-6980",
"datePublished": "2025-10-23T18:41:47.326Z",
"dateReserved": "2025-07-01T16:53:05.372Z",
"dateUpdated": "2025-10-23T18:59:58.995Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}