PT-2025-9277 · Arista · Arista Eos

Publicado

2025-02-25

Atualizado

2025-03-05

CVE-2025-1260

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Arista EOS (affected versions not specified)

Description The issue allows a gNOI request to be executed when it should have been rejected, potentially resulting in unexpected configuration or operations being applied to the switch. This occurs on affected platforms running Arista EOS with OpenConfig configured.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

BDU:2025-07176

CVE-2025-1260

Produtos afetados

Arista Eos

PT-2025-9277 · Arista · Arista Eos

CVE-2025-1260

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13