CVE-2024-6858 | THREATINT

Description

In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.

PUBLISHED Reserved 2024-07-17 | Published 2026-06-04 | Updated 2026-06-04 | Assigner Arista

Problem types

CWE-1287 Improper validation of specified type of input

Product status

Default status

unaffected

4.31.0 (custom)

affected

4.30.0 (custom)

affected

4.29.0 (custom)

affected

4.28.10 (custom)

affected

References

www.arista.com/...rity-advisory/19917-security-advisory-0103

cve.org (CVE-2024-6858)

nvd.nist.gov (CVE-2024-6858)

Download JSON