CVE-2024-27889

Summary

Multiple SQL Injection vulnerabilities exist in the reporting application of the Arista Edge Threat Management - Arista NG Firewall (NGFW). A user with advanced report application access rights can exploit the SQL injection, allowing them to execute commands on the underlying operating system with elevated privileges.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksArista Edge Threat Management - Arista NG Firewall (NGFW)0 <= 17.0affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Workarounds

For the Reports application, for all Reports Users, disable Online Access. To do this:

2. As the NGFW administrator, log into the UI and go to the Reports application.

3. For all users with the Online Access checkbox (red box) enabled, uncheck it.

4. Click Save.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References