On affected platforms running Arista EOS, the global common encryption...

3.8 / 10

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Description

On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protocol specific passwords in cases where symmetric passwords are required between devices with neighbor protocol relationships.

Basic Information

ID CVE-2025-3456

Source Arista

Published Aug 25, 2025 at 20:02

Modified Aug 25, 2025 at 20:31

Affected Product

Vendor Arista Networks

Product EOS

Version 4.34.0F

Affected Versions Arista Networks EOS 4.34.0F
Arista Networks EOS 4.33.0
Arista Networks EOS 4.32.0
Arista Networks EOS 4.31.0
Arista Networks EOS 4.30.0
Arista Networks EOS 4.29.0

CWE Classification

CWE-532

References

https //www.arista.com/en/support/advisories-notices/security-advisory/22022-security-advisory-0122

{
    "lastseen": "",
    "description": "On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protocol specific passwords in cases where symmetric passwords are required between devices with neighbor protocol relationships.",
    "published": "2025-08-25T20:02:48.722Z",
    "modified": "2025-08-25T20:31:54.730Z",
    "type": "cve",
    "title": "On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-c",
    "source": "Arista",
    "references": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22022-security-advisory-0122",
    "id": "CVE-2025-3456",
    "bulletinFamily": "",
    "cwe": [
        "CWE-532"
    ],
    "cvelist": null,
    "sourceData": "Arista Networks EOS 4.34.0F\nArista Networks EOS 4.33.0\nArista Networks EOS 4.32.0\nArista Networks EOS 4.31.0\nArista Networks EOS 4.30.0\nArista Networks EOS 4.29.0",
    "sourceHref": "",
    "cvss": {
        "score": 3.8,
        "severity": "LOW",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "EOS",
    "version": "4.34.0F",
    "vendor": "Arista Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-c_CVE-2025-3456