Vulnerabilities > Arista > NG Firewall

DATE CVE VULNERABILITY TITLE RISK
2024-12-20 CVE-2024-12829 OS Command Injection vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall ExecManagerImpl Command Injection Remote Code Execution Vulnerability.
network
low complexity
arista CWE-78
8.8
8.8
2024-12-20 CVE-2024-12830 Path Traversal vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall custom_handler Directory Traversal Remote Code Execution Vulnerability.
network
low complexity
arista CWE-22
7.3
7.3
2024-12-20 CVE-2024-12831 Incorrect Authorization vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall uvm_login Incorrect Authorization Privilege Escalation Vulnerability.
local
low complexity
arista CWE-863
7.8
7.8
2024-12-20 CVE-2024-12832 SQL Injection vulnerability in Arista NG Firewall 17.1.1
Arista NG Firewall ReportEntry SQL Injection Arbitrary File Read and Write Vulnerability.
network
low complexity
arista CWE-89
6.3
6.3