Cyber Posture

CVE-2024-47518

Medium · Public PoC

Published: 10 January 2025

Modified: 29 September 2025
KEV Added
Patch
CVSS Score: 6.4 (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L)
EPSS Score: 0.0006 (18.2th percentile)
Risk Priority: 13 (60% EPSS · 20% KEV · 20% CVSS)

Description

Specially constructed queries targeting ETM could discover active remote access sessions.

Security Summary

CVE-2024-47518 is a vulnerability (CWE-552) in ETM that allows specially constructed queries to discover active remote access sessions. It affects Arista software components, as detailed in the vendor's security advisory. The issue carries a CVSS v3.1 base score of 6.4 (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L), indicating medium severity with primary impact on confidentiality.

An attacker with low privileges (PR:L) and network access (AV:N) can exploit this vulnerability, though attack complexity is high (AC:H); no user interaction is needed (UI:N). Successful exploitation enables discovery of active remote access sessions. The vector rates the confidentiality impact as high (C:H) and the integrity and availability impacts as low (I:L, A:L), and sensitive session details may be exposed.

Arista's security advisory (https://www.arista.com/en/support/advisories-notices/security-advisory/20454-security-advisory-0105) provides mitigation guidance and patch information for affected systems. Security practitioners should consult this advisory for upgrade paths and workarounds.

Details

CWE(s): CWE-552

Affected Products

Vendor: arista; Product: ng firewall; Versions: ≤ 17.1.1

References