CVE-2026-25621 MEDIUM

CVE-2026-25621: Arista Edge Threat Management NGFW Reports Application Insecure Input Validation

Vendor Arista Networks
Product Arista Edge Threat Management - Arista Next Generation Firewall (NGFW)
Weakness CWE-78
Published June 5, 2026
Last update June 5, 2026

CVSS base score

6.0/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

What the vulnerability does

01Description

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed.

Key dates

02Disclosure timeline

June 5, 2026 CVE published
June 5, 2026 Record updated