{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-54547", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "state": "PUBLISHED", "assignerShortName": "Arista", "dateReserved": "2025-07-24T18:47:24.387Z", "datePublished": "2025-10-29T22:45:53.499Z", "dateUpdated": "2025-10-29T22:45:53.499Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["DCA-350E-CV", "DCA-300-CV", "DCA-250-CV", "DCA-200-CV", "Arista Converged Cloud Fabric", "Arista DANZ Monitoring Fabric", "Arista Multi-Cloud Director"], "product": "DANZ Monitoring Fabric", "vendor": "Arista Networks", "versions": [{"status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "DMF 8.6.1", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "DMF 8.5.2", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "CCF 6.2.4", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "CVA 7.0", "status": "affected", "version": "0", "versionType": "custom"}, {"lessThanOrEqual": "MCD 2.4.0", "status": "affected", "version": "0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The following conditions must be met: The connecting SSH client must be configured to allow multiple sessions to be multiplexed onto the same SSH Connection (e.g., via the OpenSSH </span><b>ControlMaster auto</b><span style=\"background-color: rgb(255, 255, 255);\">&nbsp;configuration or other equivalent configurations); The ControlMaster connection must be active; The attacker must have access to the ControlMaster socket on the client.</span><br>"}], "value": "The following conditions must be met: The connecting SSH client must be configured to allow multiple sessions to be multiplexed onto the same SSH Connection (e.g., via the OpenSSH ControlMaster auto\u00a0configuration or other equivalent configurations); The ControlMaster connection must be active; The attacker must have access to the ControlMaster socket on the client."}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:dca-350e-cv:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:dca-300-cv:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:dca-250-cv:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:dca-200-cv:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:arista_converged_cloud_fabric:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:arista_danz_monitoring_fabric:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:0:*:arista_multi-cloud_director:*:*:*:*:*", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-350e-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-300-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-250-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-200-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_converged_cloud_fabric:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_danz_monitoring_fabric:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_multi-cloud_director:*:*:*:*:*", "versionEndIncluding": "dmf_8.6.1", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-350e-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-300-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-250-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-200-cv:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_converged_cloud_fabric:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_danz_monitoring_fabric:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_multi-cloud_director:*:*:*:*:*", "versionEndIncluding": "dmf_8.5.2", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-350e-cv:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-300-cv:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-250-cv:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-200-cv:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_converged_cloud_fabric:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_danz_monitoring_fabric:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_multi-cloud_director:*:*:*:*:*", "versionEndIncluding": "ccf_6.2.4", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-350e-cv:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-300-cv:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-250-cv:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-200-cv:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_converged_cloud_fabric:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_danz_monitoring_fabric:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_multi-cloud_director:*:*:*:*:*", "versionEndIncluding": "cva_7.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-350e-cv:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-300-cv:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-250-cv:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:dca-200-cv:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_converged_cloud_fabric:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_danz_monitoring_fabric:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arista_networks:danz_monitoring_fabric:*:*:arista_multi-cloud_director:*:*:*:*:*", "versionEndIncluding": "mcd_2.4.0", "versionStartIncluding": "0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "datePublic": "2025-10-22T15:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired</span><br>"}], "value": "On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired"}], "impacts": [{"capecId": "CAPEC-60", "descriptions": [{"lang": "en", "value": "CAPEC-60 Reusing Session IDs (aka Session Replay)"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-613", "description": "CWE-613", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-10-29T22:45:53.499Z"}, "references": [{"url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22538-security-advisory-0124"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. Fixed versions are as follows for each product:</p><div>&nbsp;</div><div><b>Danz Monitoring Fabric</b></div><ol><ol><ul><li>DMF 8.7.1 and later releases in the 8.7.x train</li><li>DMF 8.6.2 and later releases in the 8.6.x train</li><li>DMF 8.5.3 and later releases in the 8.5.x train</li><li>DMF 8.4.6 and later releases in the 8.4.x train.</li></ul></ol></ol><div>&nbsp;</div><div><b>Converged Cloud Fabric</b></div><ol><ol><ul><li>CCF 6.2.5 and later releases in the 6.2.x train</li></ul></ol></ol><div>&nbsp;</div><div><b>Cloud Vision Appliance</b></div><ol><ol><ul><li>CVA 7.1.0 and later releases in the CVA 7.x train</li></ul></ol></ol><div>&nbsp;</div><div><b>Multi-Cloud Director</b></div><ol><ol><ul><li>MCD 2.4.1 and later releases in the 2.4.x train</li></ul></ol></ol>"}], "value": "The recommended resolution is to upgrade to a remediated software version at your earliest convenience. Arista recommends customers move to the latest version of each release that contains all the fixes listed below. Fixed versions are as follows for each product:\n\n\u00a0\n\nDanz Monitoring Fabric\n\n * DMF 8.7.1 and later releases in the 8.7.x train\n * DMF 8.6.2 and later releases in the 8.6.x train\n * DMF 8.5.3 and later releases in the 8.5.x train\n * DMF 8.4.6 and later releases in the 8.4.x train.\n\n\n\u00a0\n\nConverged Cloud Fabric\n\n * CCF 6.2.5 and later releases in the 6.2.x train\n\n\n\u00a0\n\nCloud Vision Appliance\n\n * CVA 7.1.0 and later releases in the CVA 7.x train\n\n\n\u00a0\n\nMulti-Cloud Director\n\n * MCD 2.4.1 and later releases in the 2.4.x train"}], "source": {"advisory": "124", "defect": ["BUG1084527", "BSC-20748"], "discovery": "INTERNAL"}, "title": "On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">No known mitigation </span><br>"}], "value": "No known mitigation"}], "x_generator": {"engine": "Vulnogram 0.4.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "On affected platforms, if SSH session multiplexing was configured on the client side, SSH sessions (e.g, scp, sftp) multiplexed onto the same channel could perform file-system operations after a configured session timeout expired"}], "id": "CVE-2025-54547", "lastModified": "2025-10-29T23:16:18.970", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.4, "source": "psirt@arista.com", "type": "Secondary"}]}, "published": "2025-10-29T23:16:18.970", "references": [{"source": "psirt@arista.com", "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/22538-security-advisory-0124"}], "sourceIdentifier": "psirt@arista.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "psirt@arista.com", "type": "Secondary"}]}

{}

{}