CVE-2024-11185 | THREATINT

Description

On affected platforms running Arista EOS, ingress traffic on Layer 2 ports may, under certain conditions, be improperly forwarded to ports associated with different VLANs, resulting in a breach of VLAN isolation and segmentation boundaries.

PUBLISHED Reserved 2024-11-13 | Published 2025-05-27 | Updated 2025-05-28 | Assigner Arista

MEDIUM: 6.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Problem types

cwe-1189

Product status

Default status

unaffected

4.29.0 (custom)

affected

4.30.0 (custom)

affected

4.31.0 (custom)

affected

4.32.0 (custom)

affected

4.33.0 (custom)

affected

References

https/...ices/security-advisory/21411-security-advisory-0118

cve.org (CVE-2024-11185)

nvd.nist.gov (CVE-2024-11185)

Download JSON