{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-6980", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "state": "PUBLISHED", "assignerShortName": "Arista", "dateReserved": "2025-07-01T16:53:05.372Z", "datePublished": "2025-10-23T18:41:47.326Z", "dateUpdated": "2025-10-23T18:59:58.995Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Arista Edge Threat Management - Arista Next Generation Firewall", "vendor": "Arista Networks", "versions": [{"lessThanOrEqual": "17.3.1", "status": "affected", "version": "0.0", "versionType": "custom"}]}], "configurations": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<h4>1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive information</h4><div><b>Required Configuration for Exploitation</b></div><div>&nbsp;</div><div>If the Captive Portal application is installed and enabled, the systems are vulnerable.</div><div>&nbsp;</div><div>To access this information:</div><ol><li>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</li><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"></p><p>The above shows Captive Portal as enabled.</p><h4>Indicators of Compromise</h4><div>No evidence of compromise exists.</div><div>&nbsp;</div><h4>Mitigation</h4><p>Disable Captive Portal.</p><div>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</div><ol><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li><li>Move the Enabled slider to disabled.</li><li>Click Save</li><li>Disable Captive Portal.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"></p><div>&nbsp;</div><h4>2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypass</h4><div><b>Required Configuration for Exploitation</b></div><div>&nbsp;</div><div>If the Captive Portal application is installed and enabled, the systems are vulnerable.</div><div>&nbsp;</div><div>To access this information:</div><ol><li>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</li><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"></p><h4>Indicators of Compromise</h4><p>No evidence of compromise exists.</p><h4>Mitigation</h4><p>Disable Captive Portal.</p><div>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</div><ol><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li><li>Move the Enabled slider to disabled.</li><li>Click Save</li><li>Disable Captive Portal.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"></p><h4>3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerability</h4><p><b>Required Configuration for Exploitation</b></p><ol><li>A successful attack requires administrative access to the NGFW UI.</li></ol><br>"}], "value": "1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive informationRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nThe above shows Captive Portal as enabled.\n\nIndicators of CompromiseNo evidence of compromise exists.\n\n\u00a0\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n\u00a0\n\n2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypassRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nIndicators of CompromiseNo evidence of compromise exists.\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerabilityRequired Configuration for Exploitation\n\n * A successful attack requires administrative access to the NGFW UI."}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*", "versionEndIncluding": "17.3.1", "versionStartIncluding": "0.0", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "credits": [{"lang": "en", "type": "finder", "value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6980"}], "datePublic": "2025-10-21T15:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Captive Portal can expose sensitive information</span><br>"}], "value": "Captive Portal can expose sensitive information"}], "impacts": [{"capecId": "CAPEC-410", "descriptions": [{"lang": "en", "value": "CAPEC-410 Information Elicitation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-10-23T18:41:47.326Z"}, "references": [{"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>The recommended resolution is to upgrade to the version indicated below at your earliest convenience.</p><ul><li>17.4 Upgrade</li></ul>"}], "value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade"}], "source": {"advisory": "123", "defect": ["NGFW-15197"], "discovery": "EXTERNAL"}, "title": "Captive Portal can expose sensitive information", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Do not allow non-authorized administrative access or access to the administrative browser.</span><br>"}], "value": "Do not allow non-authorized administrative access or access to the administrative browser."}], "x_generator": {"engine": "Vulnogram 0.4.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-10-23T18:59:53.166328Z", "id": "CVE-2025-6980", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T18:59:58.995Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-6980", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-10-23T18:59:53.166328Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-10-23T18:59:55.716Z"}}], "cna": {"title": "Captive Portal can expose sensitive information", "source": {"defect": ["NGFW-15197"], "advisory": "123", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Arista would like to acknowledge and thank Gereon Huppertz working with Trend Zero Day Initiative for reporting CVE-2025-6980"}], "impacts": [{"capecId": "CAPEC-410", "descriptions": [{"lang": "en", "value": "CAPEC-410 Information Elicitation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Arista Networks", "product": "Arista Edge Threat Management - Arista Next Generation Firewall", "versions": [{"status": "affected", "version": "0.0", "versionType": "custom", "lessThanOrEqual": "17.3.1"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "The recommended resolution is to upgrade to the version indicated below at your earliest convenience.\n\n * 17.4 Upgrade", "supportingMedia": [{"type": "text/html", "value": "<p>The recommended resolution is to upgrade to the version indicated below at your earliest convenience.</p><ul><li>17.4 Upgrade</li></ul>", "base64": false}]}], "datePublic": "2025-10-21T15:00:00.000Z", "references": [{"url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"}], "workarounds": [{"lang": "en", "value": "Do not allow non-authorized administrative access or access to the administrative browser.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Do not allow non-authorized administrative access or access to the administrative browser.</span><br>", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.4.0"}, "descriptions": [{"lang": "en", "value": "Captive Portal can expose sensitive information", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">Captive Portal can expose sensitive information</span><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"}]}], "configurations": [{"lang": "en", "value": "1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive informationRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nThe above shows Captive Portal as enabled.\n\nIndicators of CompromiseNo evidence of compromise exists.\n\n\u00a0\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n\u00a0\n\n2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypassRequired Configuration for Exploitation\n\n\u00a0\n\nIf the Captive Portal application is installed and enabled, the systems are vulnerable.\n\n\u00a0\n\nTo access this information:\n\n * As the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n\n\nIndicators of CompromiseNo evidence of compromise exists.\n\nMitigationDisable Captive Portal.\n\nAs the NGFW administrator, log into the UI and navigate to the Captive Portal application.\n\n * If the Captive Portal application is not installed, the system is not vulnerable.\n * If Captive Portal is not enabled, the system is not vulnerable.\n * Move the Enabled slider to disabled.\n * Click Save\n * Disable Captive Portal.\n\n\n3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerabilityRequired Configuration for Exploitation\n\n * A successful attack requires administrative access to the NGFW UI.", "supportingMedia": [{"type": "text/html", "value": "<h4>1) CVE-2025-6980 (ZDI-CAN-27006) - Captive Portal can expose sensitive information</h4><div><b>Required Configuration for Exploitation</b></div><div>&nbsp;</div><div>If the Captive Portal application is installed and enabled, the systems are vulnerable.</div><div>&nbsp;</div><div>To access this information:</div><ol><li>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</li><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"></p><p>The above shows Captive Portal as enabled.</p><h4>Indicators of Compromise</h4><div>No evidence of compromise exists.</div><div>&nbsp;</div><h4>Mitigation</h4><p>Disable Captive Portal.</p><div>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</div><ol><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li><li>Move the Enabled slider to disabled.</li><li>Click Save</li><li>Disable Captive Portal.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"></p><div>&nbsp;</div><h4>2) CVE-2025-6979 (ZDI-CAN-27007) - Captive Portal can allow authentication bypass</h4><div><b>Required Configuration for Exploitation</b></div><div>&nbsp;</div><div>If the Captive Portal application is installed and enabled, the systems are vulnerable.</div><div>&nbsp;</div><div>To access this information:</div><ol><li>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</li><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-1.png\"></p><h4>Indicators of Compromise</h4><p>No evidence of compromise exists.</p><h4>Mitigation</h4><p>Disable Captive Portal.</p><div>As the NGFW administrator, log into the UI and navigate to the Captive Portal application.</div><ol><li>If the Captive Portal application is not installed, the system is not vulnerable.</li><li>If Captive Portal is not enabled, the system is not vulnerable.</li><li>Move the Enabled slider to disabled.</li><li>Click Save</li><li>Disable Captive Portal.</li></ol><p><img alt=\"Captive Portal as enabled\" src=\"https://www.arista.com/assets/images/article/SA-123-2.png\"></p><h4>3) CVE-2025-6978 (ZDI-CAN-27310) - Diagnostics command injection vulnerability</h4><p><b>Required Configuration for Exploitation</b></p><ol><li>A successful attack requires administrative access to the NGFW UI.</li></ol><br>", "base64": false}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:arista_networks:arista_edge_threat_management_-_arista_next_generation_firewall:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "17.3.1", "versionStartIncluding": "0.0"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "shortName": "Arista", "dateUpdated": "2025-10-23T18:41:47.326Z"}}}, "cveMetadata": {"cveId": "CVE-2025-6980", "state": "PUBLISHED", "dateUpdated": "2025-10-23T18:59:58.995Z", "dateReserved": "2025-07-01T16:53:05.372Z", "assignerOrgId": "c8b34d1a-69ae-45c3-88fe-f3b3d44f39b7", "datePublished": "2025-10-23T18:41:47.326Z", "assignerShortName": "Arista"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Captive Portal can expose sensitive information"}], "id": "CVE-2025-6980", "lastModified": "2025-10-27T13:20:15.637", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "psirt@arista.com", "type": "Secondary"}]}, "published": "2025-10-23T19:15:51.667", "references": [{"source": "psirt@arista.com", "url": "https://https://www.arista.com/en/support/advisories-notices/security-advisory/22535-security-advisory-0123"}], "sourceIdentifier": "psirt@arista.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "psirt@arista.com", "type": "Secondary"}]}

{}

{"created": "2025-10-24T10:16:44.424540+00:00", "updated": "2025-10-24T10:16:44.424565+00:00", "vendors": ["arista", "arista$PRODUCT$ng_firewall"]}