CVE-2026-25624 PUBLISHED

Arista Edge Threat Management NGFW UI Administrative Cross-Site Scripting

Assigner: Arista
Reserved: 03.02.2026 Published: 05.06.2026 Updated: 05.06.2026

An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated user-supplied values are echoed back into administrative profiles, allowing injected payloads to be processed by the browser of an administrator who views them.

Metrics

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:P/VC:H/VI:L/VA:L/SC:L/SI:L/SA:L
CVSS Score: 5.8

Product Status

Vendor: Arista Networks
Product: Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)
Versions (default: unaffected):
  • affected from 0 to 17.4.0 (incl.)

Affected Configurations

A successful attack requires administrative privileges to reach the UI entry forms, and relies on a secondary administrator's browser window parsing the injected content within its own session.

Workarounds

Per operational security best practice, do not allow unauthorized administrative access to the administrative browser session.

Solutions

The recommended resolution is to upgrade to NGFW Version 17.4.1 at your earliest convenience.

Credits

  • Jon Williams & Ronan Kervella from Bishop Fox (finder)

References

Problem Types

  • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-Site Scripting')

Impacts

  • CAPEC-63 Cross-Site Scripting (XSS)