Known Vulnerabilities for products from Arista

Listed below are 20 of the newest known vulnerabilities associated with the vendor "Arista".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Additional devices specifications by Arista can be found at device.report : Arista

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2026-25624 json Not Provided 2026-06-05 2026-06-05
CVE-2026-25623 json Not Provided 2026-06-05 2026-06-05
CVE-2026-25622 json A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generat... Not Provided 2026-06-05 2026-06-08
CVE-2026-25621 json A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall ... Not Provided 2026-06-05 2026-06-08
CVE-2026-25620 json An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threa... Not Provided 2026-06-05 2026-06-08
CVE-2026-7473 json Not Provided 2026-06-05 2026-06-09
CVE-2026-2379 json Not Provided 2026-06-05 2026-06-05
CVE-2025-8873 json Not Provided 2026-06-04 2026-06-04
CVE-2024-27892 json Not Provided 2026-06-04 2026-06-04
CVE-2024-27891 json Not Provided 2026-06-04 2026-06-04
CVE-2024-6387 json A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead ssh... Not Provided 2024-07-01 2026-05-12
CVE-2023-24548 json On affected platforms running Arista EOS with VXLAN configured, malformed or truncated packets received over a VXLAN tunnel a... 6.5 - MEDIUM 2023-08-29 2023-09-05
CVE-2023-24547 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 6.5 - MEDIUM 2023-12-06 2023-12-11
CVE-2023-24546 json On affected versions of the CloudVision Portal improper access controls on the connection from devices to CloudVision could e... 8.1 - HIGH 2023-06-13 2023-11-07
CVE-2023-24545 json On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial... 7.5 - HIGH 2023-04-12 2023-04-21
CVE-2023-24513 json On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial... 7.5 - HIGH 2023-04-12 2023-04-24
CVE-2023-24512 json On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a requ... 6.5 - MEDIUM 2023-04-25 2023-05-09
CVE-2023-24511 json On affected platforms running Arista EOS with SNMP configured, a specially crafted packet can cause a memory leak in the snmp... 7.5 - HIGH 2023-04-12 2023-04-21
CVE-2023-24510 json On the affected platforms running EOS, a malformed DHCP packet might cause the DHCP relay agent to restart. 7.5 - HIGH 2023-06-05 2023-06-20
CVE-2023-24509 json On affected modular platforms running Arista EOS equipped with both redundant supervisor modules and having the redundancy pr... 7.8 - HIGH 2023-04-13 2023-04-25
Results limited to 20 most recent vulnerabilities

Known software with vulnerabilities from Arista

Type Vendor Product Version
HardwareArista7010t-48-
HardwareArista7020r-
HardwareArista7280e-
HardwareArista7280r-
HardwareArista7280r2-
HardwareArista7280r3-
HardwareArista7500e-
HardwareArista7500r-
HardwareArista7500r2-
HardwareArista7500r3-
ApplicationAristaCloudeos4.21.11m
ApplicationAristaCloudvision Exchange-
ApplicationAristaCloudvision Portal2015.1.1
HardwareAristaDcs-7050s-
HardwareAristaDcs-7050sx-
HardwareAristaDcs-7050t-
Operating
System		AristaEos4.15
Operating
System		AristaExtensible Operating System-
ApplicationAristaVeos4.21.11m
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

Free CVE JSON API cve.report/api

CVE.report and Source URL Uptime Status status.cve.report