On affected platforms, restricted users could view sensitive portions of...

4.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Description

On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)

Basic Information

ID CVE-2025-54548

Source Arista

Published Oct 29, 2025 at 22:52

Affected Product

Vendor Arista Networks

Product DANZ Monitoring Fabric

Affected Versions Arista Networks DANZ Monitoring Fabric 0
Arista Networks DANZ Monitoring Fabric 0
Arista Networks DANZ Monitoring Fabric 0
Arista Networks DANZ Monitoring Fabric 0
Arista Networks DANZ Monitoring Fabric 0
Arista Networks DANZ Monitoring Fabric 0

CWE Classification

CWE-200

References

www.arista.com /en/support/advisories-notices/security-advisory/22538-security-advisory-0124

{
    "lastseen": "",
    "description": "On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)",
    "published": "2025-10-29T22:52:54.039Z",
    "modified": "2025-10-29T22:52:54.039Z",
    "type": "cve",
    "title": "On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)",
    "source": "Arista",
    "references": "https://www.arista.com/en/support/advisories-notices/security-advisory/22538-security-advisory-0124",
    "id": "CVE-2025-54548",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "Arista Networks DANZ Monitoring Fabric 0\nArista Networks DANZ Monitoring Fabric 0\nArista Networks DANZ Monitoring Fabric 0\nArista Networks DANZ Monitoring Fabric 0\nArista Networks DANZ Monitoring Fabric 0\nArista Networks DANZ Monitoring Fabric 0",
    "sourceHref": "",
    "cvss": {
        "score": 4.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DANZ Monitoring Fabric",
    "version": "0",
    "vendor": "Arista Networks",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)_CVE-2025-54548