Main Vulnerability Database Vulnerabilities #VU109375

#VU109375 Information disclosure in Arista Edge Threat Management - Arista NG Firewall (NGFW) - CVE-2024-47517

Published: May 17, 2025

Vulnerability identifier: #VU109375

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-47517

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
Arista Edge Threat Management - Arista NG Firewall (NGFW)

Software vendor:
Arista Networks

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. Expired and unusable administrator authentication tokens can be revealed by units that have timed out from ETM access.

Remediation

Install updates from vendor's website.

External links

https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105

#VU109375 Information disclosure in Arista Edge Threat Management - Arista NG Firewall (NGFW) - CVE-2024-47517

Description

Remediation

External links

Please verify you're human