CVE-2024-6858

🗓️ 04 Jun 2026 21:51:08Reported by AristaType

Arista EOS 802.1X mode may allow unauthenticated multi-host access via a fallback VLAN's EAPOL device.

Reporter	Title	Published	Views	Family All 8
Arista	Security Advisory 0103	23 Jul 202400:00	–	arista
Circl	CVE-2024-6858	4 Jun 202622:49	–	circl
Cvelist	CVE-2024-6858 In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.	4 Jun 202621:51	–	cvelist
EUVD	EUVD-2024-55610	5 Jun 202600:31	–	euvd
NVD	CVE-2024-6858	4 Jun 202622:16	–	nvd
Positive Technologies	PT-2026-46392	4 Jun 202600:00	–	ptsecurity
RedhatCVE	CVE-2024-6858	6 Jun 202600:43	–	redhatcve
Vulnrichment	CVE-2024-6858 In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.	4 Jun 202621:51	–	vulnrichment

[
  {
    "vendor": "Arista Networks",
    "product": "EOS",
    "platforms": [
      "720D Series",
      "720XP/722XPM Series",
      "750X Series",
      "7010 Series",
      "7010X Series",
      "7020R Series",
      "7130 Series running EOS",
      "7150 Series",
      "7160 Series",
      "7170 Series",
      "7050X/X2/X3/X4 Series",
      "7060X/X2/X4/X5/X6 Series",
      "7250X Series",
      "7260X/X3 Series",
      "7280E/R/R2/R3 Series",
      "7300X/X3 Series",
      "7320X Series",
      "7358X4 Series",
      "7368X4 Series",
      "7388X5 Series",
      "7500E/R/R2/R3 Series",
      "7800R3 Series"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "4.31.0",
        "lessThanOrEqual": "4.31.1F",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "4.30.0",
        "lessThanOrEqual": "4.30.5M",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "4.29.0",
        "lessThanOrEqual": "4.29.7M",
        "versionType": "custom"
      },
      {
        "status": "affected",
        "version": "4.28.10",
        "lessThanOrEqual": "4.28.10.1M",
        "versionType": "custom"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
arista	www.arista.com/en/support/advisories-notices/security-advisory/19917-security-advisory-0103

05 Jun 2026 21:16Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.16.5

EPSS0.00176

SSVC

CWE-1287