Vulnerabilities related to Arista Networks - Arista Edge Threat Management (all records below stem from Arista Security Advisory 0105; each affects Edge Threat Management 17.1.0 through 17.1.1, and the published fix for all of them is the 17.2 upgrade)
CVE-2024-9131 (GCVE-0-2024-9131)
Vulnerability from cvelistv5
Published
2025-01-10 21:28
Modified
2025-01-13 15:45
CWE
Summary
A user with administrator privileges can perform command injection (CWE-88; CVSS 3.1 7.2 High, AV:N/AC:L/PR:H/UI:N). No workaround is published for this issue; the only remediation in the record is the 17.2 upgrade.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Arista Networks | Arista Edge Threat Management |
Version: 17.1.0 through 17.1.1 (affected); fixed in 17.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9131", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T15:45:46.119591Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T15:45:58.848Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e" } ], "value": "No required configuration." 
} ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with administrator privileges can perform command injection\u003c/span\u003e\u003cbr\u003e" } ], "value": "A user with administrator privileges can perform command injection" } ], "impacts": [ { "capecId": "CAPEC-88", "descriptions": [ { "lang": "en", "value": "CAPEC-88" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-88", "description": "CWE-88", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:28:47.417Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", "defect": [ 
"NGFW-14800" ], "discovery": "EXTERNAL" }, "title": "A user with administrator privileges can perform command injection", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e" } ], "value": "No known mitigation." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-9131", "datePublished": "2025-01-10T21:28:47.417Z", "dateReserved": "2024-09-23T22:00:58.758Z", "dateUpdated": "2025-01-13T15:45:58.848Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47518 (GCVE-0-2024-47518)
Vulnerability from cvelistv5
Published
2025-01-10 21:52
Modified
2025-01-13 20:12
CWE
Summary
Specially constructed queries targeting ETM could discover active remote access sessions (CWE-552; CVSS 3.1 6.4 Medium, AC:H/PR:L). The exposure exists only while an ETM Remote Access session to an NGFW appliance is left open; the published workaround is to close the NGFW window as soon as the Remote Access session is finished.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Arista Networks | Arista Edge Threat Management |
Version: 17.1.0 through 17.1.1 (affected); fixed in 17.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-47518", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T20:12:47.805872Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:12:59.435Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003col\u003e\u003cli\u003eLog into Edge Threat Management (ETM).\u003c/li\u003e\u003cli\u003eGo to Appliances, and click your target NGFW.\u003c/li\u003e\u003cli\u003eOn the NGFW appliance page, click Remote Access.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-6.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eLeave the connection running.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e" } ], "value": "* Log into Edge Threat Management (ETM).\n * Go to Appliances, and click your target NGFW.\n * On the NGFW appliance page, click Remote Access.\n\n\n * Leave the connection running." 
} ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSpecially constructed queries targeting ETM could discover active remote access sessions\u003c/span\u003e\u003cbr\u003e" } ], "value": "Specially constructed queries targeting ETM could discover active remote access sessions" } ], "impacts": [ { "capecId": "CAPEC-115", "descriptions": [ { "lang": "en", "value": "CAPEC-115" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-552", "description": "CWE-552", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:52:19.808Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", "defect": [ "NGFW-14626" ], "discovery": "EXTERNAL" }, 
"title": "Specially constructed queries targeting ETM could discover active remote access sessions", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you have completed your Remote Access session, close the NGFW window.\u003c/span\u003e\u003cbr\u003e" } ], "value": "After you have completed your Remote Access session, close the NGFW window." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-47518", "datePublished": "2025-01-10T21:52:19.808Z", "dateReserved": "2024-09-25T20:29:43.984Z", "dateUpdated": "2025-01-13T20:12:59.435Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-9188 (GCVE-0-2024-9188)
Vulnerability from cvelistv5
Published
2025-01-10 22:05
Modified
2025-01-13 20:07
CWE
- CWE-287 (as recorded by the CNA; note the record's problemTypes entry carries only the free-text description "cwe-287" and no structured cweId field, so automated CWE lookups may miss it)
Summary
Specially constructed queries cause cross platform scripting leaking administrator tokens (CVSS 3.1 8.8 High, AV:N/AC:L/PR:N/UI:R: no privileges are required, but a victim user must interact with attacker-supplied content). No workaround is published. This is the only issue in this set that needs no prior authentication, so it should be prioritised when scheduling the 17.2 upgrade.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Arista Networks | Arista Edge Threat Management |
Version: 17.1.0 through 17.1.1 (affected); fixed in 17.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9188", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T20:07:44.936182Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:07:56.835Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e" } ], "value": "No required configuration." 
} ], "credits": [ { "lang": "en", "type": "finder", "value": "Gereon Huppertz" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eSpecially constructed queries cause cross platform scripting leaking administrator tokens\u003c/span\u003e\u003cbr\u003e" } ], "value": "Specially constructed queries cause cross platform scripting leaking administrator tokens" } ], "impacts": [ { "capecId": "CAPEC-39", "descriptions": [ { "lang": "en", "value": "CAPEC-39 Manipulating Opaque Client-based Data Tokens" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "description": "cwe-287", "lang": "en" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T22:05:26.349Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" 
} ], "source": { "advisory": "105", "defect": [ "NGFW-14822" ], "discovery": "EXTERNAL" }, "title": "Specially constructed queries cause cross platform scripting leaking administrator tokens", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e" } ], "value": "No known mitigation." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-9188", "datePublished": "2025-01-10T22:05:26.349Z", "dateReserved": "2024-09-25T20:35:08.729Z", "dateUpdated": "2025-01-13T20:07:56.835Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-9133 (GCVE-0-2024-9133)
Vulnerability from cvelistv5
Published
2025-01-10 21:40
Modified
2025-01-13 17:50
CWE
Summary
A user with administrator privileges is able to retrieve authentication tokens (CWE-287; CVSS 3.1 6.6 Medium, AV:L/PR:L). CISA's SSVC assessment records Exploitation: poc, i.e. a public proof of concept exists for this issue; no workaround is published.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Arista Networks | Arista Edge Threat Management |
Version: 17.1.0 through 17.1.1 (affected); fixed in 17.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9133", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T17:50:01.347130Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T17:50:10.084Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo required configuration.\u003c/span\u003e\u003cbr\u003e" } ], "value": "No required configuration." 
} ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA user with administrator privileges is able to retrieve authentication tokens\u003c/span\u003e\u003cbr\u003e" } ], "value": "A user with administrator privileges is able to retrieve authentication tokens" } ], "impacts": [ { "capecId": "CAPEC-639", "descriptions": [ { "lang": "en", "value": "CAPEC-639" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-287", "description": "CWE-287", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:40:24.875Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { 
"advisory": "105", "defect": [ "NGFW-14800" ], "discovery": "EXTERNAL" }, "title": "A user with administrator privileges is able to retrieve authentication tokens", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eNo known mitigation.\u003c/span\u003e\u003cbr\u003e" } ], "value": "No known mitigation." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-9133", "datePublished": "2025-01-10T21:40:24.875Z", "dateReserved": "2024-09-23T22:01:02.674Z", "dateUpdated": "2025-01-13T17:50:10.084Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-9134 (GCVE-0-2024-9134)
Vulnerability from cvelistv5
Published
2025-01-10 21:44
Modified
2025-01-13 20:14
CWE
Summary
Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges (CWE-89; CVSS 3.1 8.3 High). Only NGFWs with one or more Reports application users that have Online Access enabled are vulnerable; the published workaround is to disable Online Access for all Reports users. Indicator of compromise: any process running as the postgres user that is not part of the standard postgres server process family (for example a bash shell).
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Arista Networks | Arista Edge Threat Management |
Version: 17.1.0 through 17.1.1 (affected); fixed in 17.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9134", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T20:13:52.238229Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:14:00.556Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eIf the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Reports application.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-4.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe above picture shows the configuration panel for user access. The \u201c\u003ca target=\"_blank\" rel=\"nofollow\"\u003ereportuser@domain.com\u003c/a\u003e\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\u003c/p\u003e\u003ch4\u003eIndicators of Compromise\u003c/h4\u003e\u003cp\u003eAny compromise will reveal itself via the postgres user running a non-standard postgres process. 
\u0026nbsp;\u003c/p\u003e\u003cp\u003eFor example, an appropriate process list for running the postgres database will look like:\u003c/p\u003e\u003cpre\u003e# ps -u postgres -f\nUID \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; PID \u0026nbsp; PPID C STIME TTY \u0026nbsp; \u0026nbsp; \u0026nbsp; \u0026nbsp; TIME CMD\npostgres 94057 \u0026nbsp; \u0026nbsp; 1 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.conf\npostgres 94063 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:02 postgres: 13/main: checkpointer\npostgres 94064 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: background writer\npostgres 94065 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:12 postgres: 13/main: walwriter\npostgres 94066 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: autovacuum launcher\npostgres 94067 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:01 postgres: 13/main: stats collector\npostgres 94068 94057 0 Feb06 ? \u0026nbsp; \u0026nbsp; \u0026nbsp; 00:00:00 postgres: 13/main: logical replication launcher\n\u003c/pre\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cp\u003eAdditional processes run by the postgres user indicating a potential compromise may look like:\u003c/p\u003e\u003cpre\u003epostgres 100172 100171 0 Feb06 pts/2 \u0026nbsp; 00:00:00 bash\u003c/pre\u003e\u003cbr\u003e" } ], "value": "If the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Reports application.\n\n\nThe above picture shows the configuration panel for user access. 
The \u201creportuser@domain.com\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\n\nIndicators of CompromiseAny compromise will reveal itself via the postgres user running a non-standard postgres process. \u00a0\n\nFor example, an appropriate process list for running the postgres database will look like:\n\n# ps -u postgres -f\nUID \u00a0 \u00a0 \u00a0 \u00a0 PID \u00a0 PPID C STIME TTY \u00a0 \u00a0 \u00a0 \u00a0 TIME CMD\npostgres 94057 \u00a0 \u00a0 1 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 /usr/lib/postgresql/13/bin/postgres -D /var/lib/postgresql/13/main -c config_file=/etc/postgresql/13/main/postgresql.conf\npostgres 94063 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:02 postgres: 13/main: checkpointer\npostgres 94064 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: background writer\npostgres 94065 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:12 postgres: 13/main: walwriter\npostgres 94066 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: autovacuum launcher\npostgres 94067 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:01 postgres: 13/main: stats collector\npostgres 94068 94057 0 Feb06 ? \u00a0 \u00a0 \u00a0 00:00:00 postgres: 13/main: logical replication launcher\n\n\n\u00a0\n\nAdditional processes run by the postgres user indicating a potential compromise may look like:\n\npostgres 100172 100171 0 Feb06 pts/2 \u00a0 00:00:00 bash" } ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMultiple SQL Injection vulnerabilities exist in the reporting application. 
A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.\u003c/span\u003e\u003cbr\u003e" } ], "value": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges." } ], "impacts": [ { "capecId": "CAPEC-66", "descriptions": [ { "lang": "en", "value": "CAPEC-66 SQL Injection" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:44:17.415Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", 
"defect": [ "NGFW-14721" ], "discovery": "EXTERNAL" }, "title": "Multiple SQL Injection vulnerabilities exist in the reporting application. A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eFor the Reports application, for all Reports Users, disable \u003ci\u003eOnline Access.\u003c/i\u003e\u003c/p\u003e\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-5.png\"\u003e\u003c/p\u003e\u003cdiv\u003eTo do this:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and go to the Reports application.\u003c/li\u003e\u003cli\u003eFor all users with the \u003ci\u003eOnline Access\u003c/i\u003e\u0026nbsp;checkbox (red box) enabled, uncheck it.\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e" } ], "value": "For the Reports application, for all Reports Users, disable Online Access.\n\n\n\nTo do this:\n\n * As the NGFW administrator, log into the UI and go to the Reports application.\n * For all users with the Online Access\u00a0checkbox (red box) enabled, uncheck it.\n * Click Save." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-9134", "datePublished": "2025-01-10T21:44:17.415Z", "dateReserved": "2024-09-23T22:01:04.566Z", "dateUpdated": "2025-01-13T20:14:00.556Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47519 (GCVE-0-2024-47519)
Vulnerability from cvelistv5
Published
2025-01-10 21:56
Modified
2025-01-13 20:12
CWE
Summary
Backup uploads to ETM subject to man-in-the-middle interception (CWE-322; CVSS 3.1 8.3 High). Only NGFWs with the Configuration Backup application installed and enabled are affected; the published workaround is to disable the Configuration Backup application until the 17.2 upgrade is applied.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Arista Networks | Arista Edge Threat Management |
Version: 17.1.0 through 17.1.1 (affected); fixed in 17.2 |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-47519", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T20:11:59.715430Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:12:34.769Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-8.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eIf you do not see the Configuration Backup service application, it is not installed and the system is not vulnerable.\u003c/li\u003e\u003cli\u003eClick the Configuration Backup application\u003c/li\u003e\u003cli\u003eIf you see the status that \u003cb\u003eConfiguration Backup is disabled\u003c/b\u003e, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-9.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eClick the Cloud tab.\u003c/li\u003e\u003cli\u003eClick Backup Now.\u003c/li\u003e\u003cli\u003eLog into Edge Threat Management.\u003c/li\u003e\u003cli\u003eGo to Appliances and Backups.\u003c/li\u003e\u003cli\u003eVerify that you see a new backup.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" 
src=\"https://www.arista.com/assets/images/article/SA105-10.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e" } ], "value": "* As the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\n\n\n * If you do not see the Configuration Backup service application, it is not installed and the system is not vulnerable.\n * Click the Configuration Backup application\n * If you see the status that Configuration Backup is disabled, the system is not vulnerable.\n\n\n * Click the Cloud tab.\n * Click Backup Now.\n * Log into Edge Threat Management.\n * Go to Appliances and Backups.\n * Verify that you see a new backup." } ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eBackup uploads to ETM subject to man-in-the-middle interception\u003c/span\u003e\u003cbr\u003e" } ], "value": "Backup uploads to ETM subject to man-in-the-middle interception" } ], "impacts": [ { "capecId": "CAPEC-94", "descriptions": [ { "lang": "en", "value": "CAPEC-94 Adversary in the Middle (AiTM)" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-322", "description": "CWE-322", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:56:54.553Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": 
"Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", "defect": [ "NGFW-14708" ], "discovery": "EXTERNAL" }, "title": "Backup uploads to ETM subject to man-in-the-middle interception", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDisable Configuration Backup application.\u003c/span\u003e\u003cbr\u003e" } ], "value": "Disable Configuration Backup application." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-47519", "datePublished": "2025-01-10T21:56:54.553Z", "dateReserved": "2024-09-25T20:29:43.984Z", "dateUpdated": "2025-01-13T20:12:34.769Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47520 (GCVE-0-2024-47520)
Vulnerability from cvelistv5
Published
2025-01-10 22:00
Modified
2025-01-13 20:11
Summary
A user with advanced report application access rights can perform actions for which they are not authorized
Impacted products
Vendor | Product | Affected versions | Fixed in
---|---|---|---
Arista Networks | Arista Edge Threat Management | 17.1.0 through 17.1.1 (inclusive) | 17.2
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-47520", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T20:11:32.475074Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:11:36.240Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eIf the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo access this information:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Reports application.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-4.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eThe above picture shows the configuration panel for user access. The \u201c\u003ca target=\"_blank\" rel=\"nofollow\"\u003ereportuser@domain.com\u003c/a\u003e\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable.\u003c/p\u003e\u003cbr\u003e" } ], "value": "If the NGFW has one or more Report application Report Users with Online Access enabled they are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Reports application.\n\n\nThe above picture shows the configuration panel for user access. 
The \u201creportuser@domain.com\u201d user has \u201cOnline Access\u201d checked, which is required in order to be vulnerable." } ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003ch4\u003eA user with advanced report application access rights can perform actions for which they are not authorized\u003c/h4\u003e\u003cbr\u003e" } ], "value": "A user with advanced report application access rights can perform actions for which they are not authorized" } ], "impacts": [ { "capecId": "CAPEC-180", "descriptions": [ { "lang": "en", "value": "CAPEC-180 Exploiting Incorrectly Configured Access Control Security Levels" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-653", "description": "CWE-653", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T22:00:56.183Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 
Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", "defect": [ "NGFW-14707" ], "discovery": "EXTERNAL" }, "title": "A user with advanced report application access rights can perform actions for which they are not authorized", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cp\u003eFor the Reports application, for all Reports Users, disable \u003ci\u003eOnline Access.\u003c/i\u003e\u003c/p\u003e\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-5.png\"\u003e\u003c/p\u003e\u003cdiv\u003e\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eTo do this:\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and go to the Reports application.\u003c/li\u003e\u003cli\u003eFor all users with the Online Access checkbox (red box) enabled, uncheck it.\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e" } ], "value": "For the Reports application, for all Reports Users, disable Online Access.\n\n\n\n\u00a0\n\nTo do this:\n\n * As the NGFW administrator, log into the UI and go to the Reports application.\n * For all users with the Online Access checkbox (red box) enabled, uncheck it.\n * Click Save." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-47520", "datePublished": "2025-01-10T22:00:56.183Z", "dateReserved": "2024-09-25T20:29:43.984Z", "dateUpdated": "2025-01-13T20:11:36.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-47517 (GCVE-0-2024-47517)
Vulnerability from cvelistv5
Published
2025-01-10 21:47
Modified
2025-01-13 20:13
Summary
Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access
Impacted products
Vendor | Product | Affected versions | Fixed in
---|---|---|---
Arista Networks | Arista Edge Threat Management | 17.1.0 through 17.1.1 (inclusive) | 17.2
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-47517", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T20:13:17.296191Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T20:13:25.964Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003col\u003e\u003cli\u003eLog into Edge Threat Management (ETM).\u003c/li\u003e\u003cli\u003eGo to Appliances, and click your target NGFW.\u003c/li\u003e\u003cli\u003eOn the NGFW appliance page, click Remote Access.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-6.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eWith the NGFW UI in a new tab or window, let the connection expire. \u0026nbsp;\u003c/li\u003e\u003cli\u003eAfter the session has expired, any attempt to perform actions will notify you of the need to enable Remote Access again.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e" } ], "value": "* Log into Edge Threat Management (ETM).\n * Go to Appliances, and click your target NGFW.\n * On the NGFW appliance page, click Remote Access.\n\n\n * With the NGFW UI in a new tab or window, let the connection expire. \u00a0\n * After the session has expired, any attempt to perform actions will notify you of the need to enable Remote Access again." 
} ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eExpired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access\u003c/span\u003e\u003cbr\u003e" } ], "value": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access" } ], "impacts": [ { "capecId": "CAPEC-639", "descriptions": [ { "lang": "en", "value": "CAPEC-639" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:L", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1230", "description": "CWE-1230", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:47:30.950Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version 
indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", "defect": [ "NGFW-14754" ], "discovery": "EXTERNAL" }, "title": "Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAfter you have completed NGFW operations with Remote Access, close the browser window or tab.\u003c/span\u003e\u003cbr\u003e" } ], "value": "After you have completed NGFW operations with Remote Access, close the browser window or tab." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-47517", "datePublished": "2025-01-10T21:47:30.950Z", "dateReserved": "2024-09-25T20:29:43.984Z", "dateUpdated": "2025-01-13T20:13:25.964Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-9132 (GCVE-0-2024-9132)
Vulnerability from cvelistv5
Published
2025-01-10 21:35
Modified
2025-01-13 17:49
Summary
The administrator is able to configure an insecure captive portal script
Impacted products
Vendor | Product | Affected versions | Fixed in
---|---|---|---
Arista Networks | Arista Edge Threat Management | 17.1.0 through 17.1.1 (inclusive) | 17.2
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9132", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-01-13T17:48:50.056627Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-13T17:49:01.649Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unaffected", "product": "Arista Edge Threat Management", "vendor": "Arista Networks", "versions": [ { "lessThanOrEqual": "17.1.1", "status": "affected", "version": "17.1.0", "versionType": "custom" } ] } ], "configurations": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-1.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eIf you do not see the Captive Portal application, it is not installed and the system is not vulnerable.\u003c/li\u003e\u003cli\u003eClick the Captive Portal application.\u003c/li\u003e\u003cli\u003eIf you see the status that \u003cb\u003eCaptive Portal is disabled\u003c/b\u003e, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-2.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003cli\u003eClick the Captive Page tab.\u003c/li\u003e\u003cli\u003eIf the Custom radio button is not selected, the system is not vulnerable.\u003cp\u003e\u003cimg alt=\"Security Advisory 105\" src=\"https://www.arista.com/assets/images/article/SA105-3.png\"\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003eAn example of a vulnerable page (The 
\u201cCustom\u201d radio button is selected)\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e" } ], "value": "* As the NGFW administrator, log into the user interface and navigate to the Apps and Services page.\n\n\n * If you do not see the Captive Portal application, it is not installed and the system is not vulnerable.\n * Click the Captive Portal application.\n * If you see the status that Captive Portal is disabled, the system is not vulnerable.\n\n\n * Click the Captive Page tab.\n * If the Custom radio button is not selected, the system is not vulnerable.\n\n\nAn example of a vulnerable page (The \u201cCustom\u201d radio button is selected)" } ], "credits": [ { "lang": "en", "type": "finder", "value": "Mehmet INCE from PRODAFT.com" } ], "datePublic": "2024-10-29T20:20:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eThe administrator is able to configure an insecure captive portal script\u003c/span\u003e\u003cbr\u003e" } ], "value": "The administrator is able to configure an insecure captive portal script" } ], "impacts": [ { "capecId": "CAPEC-229", "descriptions": [ { "lang": "en", "value": "CAPEC-229" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-94", "description": "CWE-94", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-10T21:35:14.483Z", "orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista" }, "references": [ { 
"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105" } ], "solutions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eThe recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\u003c/div\u003e\u003cul\u003e\u003cli\u003e17.2 Upgrade\u003c/li\u003e\u003c/ul\u003e" } ], "value": "The recommended resolution for all issues documented above is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.2 Upgrade" } ], "source": { "advisory": "105", "defect": [ "NGFW-14744" ], "discovery": "EXTERNAL" }, "title": "The administrator is able to configure an insecure captive portal script", "workarounds": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "\u003cdiv\u003eDisable custom page.\u003c/div\u003e\u003col\u003e\u003cli\u003eAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\u003c/li\u003e\u003cli\u003eSelect either \u201c\u003ci\u003eBasic Message\u003c/i\u003e\u201d or \u201c\u003ci\u003eBasic Login\u201d\u003c/i\u003e\u003c/li\u003e\u003cli\u003eClick Save.\u003c/li\u003e\u003c/ol\u003e\u003cbr\u003e" } ], "value": "Disable custom page.\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * Select either \u201cBasic Message\u201d or \u201cBasic Login\u201d\n * Click Save." } ], "x_generator": { "engine": "Vulnogram 0.2.0" } } }, "cveMetadata": { "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "assignerShortName": "Arista", "cveId": "CVE-2024-9132", "datePublished": "2025-01-10T21:35:14.483Z", "dateReserved": "2024-09-23T22:01:00.888Z", "dateUpdated": "2025-01-13T17:49:01.649Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }