PT-2026-47049 · Arista Networks · Arista Edge Threat Management - Arista Next Generation Firewall

Published

2026-06-05

·

Updated

2026-06-05

·

CVE-2026-25624

CVSS v3.1

5.7

Medium

VectorAV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processing behavior controls.

Fix

XSS

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2026-25624

Affected Products

Arista Edge Threat Management - Arista Next Generation Firewall