CVE-2025-0936

On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly

Description

On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS, RADIUS, etc).

INFO

Published Date :

2025-05-07T22:52:25.444Z

Last Modified :

2025-05-08T13:02:27.046Z

Source :

Arista

AFFECTED PRODUCTS

The following products are affected by CVE-2025-0936 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-0936.

URL	Resource
https://www.arista.com/en/support/advisories-notices/security-advisory/21394-security-advisory-0117

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact