Vulnerability Database

308,926

Total vulnerabilities in the database

CVE-2025-3456

On affected platforms running Arista EOS, the global common encryption key configuration may be logged in clear text, in local or remote accounting logs. Knowledge of both the encryption key and protocol specific encrypted secrets from the device running-config could then be used to obtain protocol specific passwords in cases where symmetric passwords are required between devices with neighbor protocol relationships.

Published: Aug 25, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-3456
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 3.8
AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

CWEs:

CWE-532

Affected Software
References

No affected software listed.

https://https://www.arista.com/en/support/advisories-notices/security-advisory/22022-security-advisory-0122

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo