CVE-2024-6858
6.5 MEDIUMIn Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL c...
Published: 2026-06-04 · Last updated: 2026-06-05
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- CWE
- CWE-1287
Description
In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-9753 — The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to re... (8.1 HIGH)
- CVE-2026-9742 — When OIDC authentication is enabled in configuration, clients may set specific values in the "mechanism" parameter of the "authenticate" ... (7.5 HIGH)
- CVE-2026-11460 — A flaw has been found in Boost Serialization up to 1.91 (7.3 HIGH)
- CVE-2026-49941 — Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses (7.5 HIGH)
- CVE-2026-47675 — Hono is a Web application framework that provides support for any JavaScript runtime (4.3 MEDIUM)