CVE-2025-54546

Summary

On affected platforms, restricted users could use SSH port forwarding to access host-internal services

Affected Software

VendorProductVersion RangeStatus
Arista NetworksDANZ Monitoring Fabric0affected
Arista NetworksDANZ Monitoring Fabric0 <= DMF 8.6.1affected
Arista NetworksDANZ Monitoring Fabric0 <= DMF 8.5.2affected
Arista NetworksDANZ Monitoring Fabric0 <= CCF 6.2.4affected
Arista NetworksDANZ Monitoring Fabric0 <= CVA 7.0affected
Arista NetworksDANZ Monitoring Fabric0 <= MCD 2.4.0affected

Weaknesses

  • CWE-732: CWE-732

Workarounds

Disable any restricted users until an upgraded version can be installed.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References