Impact
An administrative cross-site scripting (XSS) flaw exists in the dashboard layout of Arista Edge Threat Management NGFW. Variables that are echoed back into the administrative interface without validation or output encoding let an attacker inject arbitrary script into the web UI. Script running in an administrator's browser session can manipulate dashboard controls and invoke the interface's own functions, so any action the UI exposes could be performed with that administrator's privileges. The flaw does not by itself provide a path to arbitrary code execution on the underlying operating system.
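To make the sink concrete, the following is an added illustration written for this page; it is not Arista's code and does not reproduce the actual vulnerable template. It shows the generic pattern behind this class of bug: a dashboard label under attacker influence is concatenated into markup, and the hardened variant encodes it for the HTML context it lands in. The function names, the `ATTACKER_LABEL` payload and the template shape are all assumptions.

```javascript
// Added illustration (not Arista's code): a dashboard variable echoed into
// HTML becomes an XSS sink; output encoding removes the injection.
// renderWidgetUnsafe, renderWidgetSafe, escapeHtml, injectedTagCount and
// ATTACKER_LABEL are assumed names constructed for this example.

// Constructed sample value: something an attacker can influence that the
// dashboard later echoes, e.g. a device or interface label stored in config.
const ATTACKER_LABEL =
  '<img src=x onerror="fetch(\'/admin/api?action=disable-rule\')">';

// Vulnerable pattern: untrusted text is string-concatenated into markup,
// so any tags in the value become part of the page the admin's browser runs.
function renderWidgetUnsafe(title) {
  return `<div class="widget"><h2>${title}</h2></div>`;
}

// HTML entity encoding for text nodes and double-quoted attribute values.
// Other contexts (inline JS, URLs, CSS) need their own encoders; do not reuse this one there.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened pattern: every untrusted value is encoded before it reaches markup,
// both in the text node and in the attribute.
function renderWidgetSafe(title) {
  const safe = escapeHtml(title);
  return `<div class="widget" data-title="${safe}"><h2>${safe}</h2></div>`;
}

// Simple check a reviewer can run over rendered output: count tag openers
// (<tag, </tag, <!...) and compare against the same template rendered with an
// empty value. Any surplus came from the injected data, not the template.
function tagCount(html) {
  return (html.match(/<[a-zA-Z!/]/g) || []).length;
}

function injectedTagCount(renderer, value) {
  return tagCount(renderer(value)) - tagCount(renderer(''));
}

// Stand-alone demonstration.
console.log('unsafe injected tags:', injectedTagCount(renderWidgetUnsafe, ATTACKER_LABEL));
console.log('safe   injected tags:', injectedTagCount(renderWidgetSafe, ATTACKER_LABEL));
```

Encoding at the point of output is the fix; a Content-Security-Policy that disallows inline script and a DOM API such as `textContent` instead of string-built HTML are the defence-in-depth layers a reviewer would also ask for.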
Affected Systems
The vulnerability affects Arista Networks' Edge Threat Management – Arista Next Generation Firewall (NGFW). The advisory does not state an affected version range beyond recommending an upgrade to NGFW 17.4.1; operators running earlier releases should treat the defect as present and upgrade. No other vendors or products are listed.
Risk and Exploitability
The CVSS v3 base score of 5.8 places the issue in the Medium severity band. No EPSS score is published, and the vulnerability is not listed in the CISA KEV catalog, so there is no publicly confirmed exploitation in the wild to date. Exploitation requires the injected script to be rendered in the browser of an authenticated administrator: the attacker needs either access that lets them set the echoed variable, or a way to get a crafted request in front of an administrator who is already logged in (for example by luring them to a crafted link), in which case the attacker needs no credentials of their own. Because user interaction is required and management interfaces are normally not exposed to untrusted networks, the practical likelihood of exploitation depends on who can reach the device's management interface and how it is exposed.
OpenCVE Enrichment