- Description
- On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. This issue can result in users retrieving data that should not have been available
- Source
- psirt@arista.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 4
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- psirt@arista.com
- CWE-284
- Hype score
- Not currently trending
🚨 CVE-2025-1259 🔴 HIGH (7.7) 🏢 Arista Networks - EOS 🏗️ 4.33.0 🔗 https://t.co/XhZiM5yZzX #CyberCron #VulnAlert #InfoSec https://t.co/MEiES33PkH
@cybercronai
6 Mar 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1259 03/04/2025 08:15:37 PM BaseSeverity: HIGH On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been r... https://t.co/7UJLcfWjXI
@CVETracker
5 Mar 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Arista Networks warns of critical vulnerabilities (CVE-2025-1259, CVE-2025-1260) in EOS software, risking unauthorized data access and config changes on devices. Upgrade recommended. 🔒 #AristaNetworks #DataSecurity #USA link: https://t.co/pntHu5Owlb https://t.co/90XjlCSCEO
@TweetThreatNews
3 Mar 2025
70 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Arista EOS Unauthorized Data Access and Configuration Changes 📅 Timeline: Disclosure: 2025-02-25, Patch: 2025-02-25 📌 Attribution: None known 🆔cveId: CVE-2025-1259, CVE-2025-1260 📊baseScore: 9.1 📏cvssMetrics: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H… ht
@syedaquib77
3 Mar 2025
36 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes