CVE-2024-27889

Name of the Vulnerable Software and Affected Versions Arista NG Firewall (affected versions not specified)

Description The issue concerns multiple SQL Injection vulnerabilities in the reporting application of the Arista Edge Threat Management - Arista NG Firewall. These vulnerabilities can be exploited by a user with advanced report application access rights, allowing them to execute commands on the underlying operating system with elevated privileges. The exploitation requires authentication.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.