Sensitive Data Exposure in Arista Switches and Routers
CVE-2025-54548

4.3MEDIUM

Key Information:

Vendor

Arista Networks

Status
Danz Monitoring Fabric
Vendor
CVE Published:
29 October 2025

What is CVE-2025-54548?

On certain Arista Switches and Routers, a vulnerability exists where restricted users can exploit a debug API to view sensitive components of the configuration database. This exposure includes access to critical data such as user password hashes, potentially putting system integrity and user security at risk.

Affected Version(s)

DANZ Monitoring Fabric DCA-350E-CV 0

DANZ Monitoring Fabric DCA-350E-CV 0

DANZ Monitoring Fabric DCA-350E-CV 0

References

https://www.arista.com/en/support/advisories-notices/secu...

CVSS V3.1

Score:
4.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2025-54548 : Sensitive Data Exposure in Arista Switches and Routers