CVE-2025-0936 Information

Description

On affected platforms running Arista EOS with a gNMI transport enabled running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly on other remote accounting servers (i.e. TACACS RADIUS etc).

Reference

https://www.arista.com/en/support/advisories-notices/security-advisory/21394-security-advisory-0117