Lucene search
K

818 matches found

CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which occurs when, under certain conditions, physical interface fluctuations and proxy restarts may cause the IPsec...

8.2CVSS5.2AI score0.00226EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.11 views

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular Linux-based network operating system developed by the American company Arista. There is a security vulnerability in Arista EOS, which arises due to the lack of verification of the tunnel protocol type during tunnel decapsulation configurations...

6.9CVSS5.7AI score0.00836EPSS
Exploits1References1
NVD
NVD
added 2026/06/04 11:16 p.m.10 views

CVE-2025-8873

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...

8.7CVSS0.00386EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:16 p.m.8 views

CVE-2024-27892

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS0.00302EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:16 p.m.8 views

CVE-2024-27891

On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied...

6.9CVSS0.00282EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:16 p.m.8 views

CVE-2024-27890

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS0.0443EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:16 p.m.10 views

CVE-2023-5502

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...

8.2CVSS0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.7 views

CVE-2025-8873 Arista EOS Dataplane Denial of Service via Malformed IPsec Packet

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...

8.7CVSS5.5AI score0.00386EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:4 p.m.11 views

CVE-2025-8873

CVE-2025-8873 affects Arista EOS with IPsec enabled: a specially crafted packet can stop dataplane processing of all IPsec traffic, with control plane detecting and resetting the IPsec pipeline; after reset, IPsec traffic may not resume. Non-IPsec traffic is unaffected. Affected EOS releases incl...

8.7CVSS5.8AI score0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.36 views

CVE-2025-8873 Arista EOS Dataplane Denial of Service via Malformed IPsec Packet

On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all IPsec traffic. The control plane may detect this condition, and attempt to reset the IPsec processing pipeline. After reset traffic may not resume being...

8.7CVSS0.00386EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 10:39 p.m.28 views

CVE-2023-5502 On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...

8.2CVSS0.00317EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 10:39 p.m.11 views

CVE-2023-5502 On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, a malicious supplicant may bypass authentication.

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication...

8.2CVSS5.5AI score0.00317EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 10:33 p.m.32 views

CVE-2024-27892 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 10:33 p.m.10 views

CVE-2024-27892 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS5.5AI score0.00302EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 10:33 p.m.37 views

CVE-2024-27892

Arista CVE-2024-27892 affects Arista EOS platforms running OpenConfig, where a gNMI Set request can be allowed when it should be rejected, enabling unexpected configuration changes. Impact is elevated integrity/availability risk under network attack vectors; OpenConfig must be enabled with SSL pr...

9.6CVSS5.8AI score0.00302EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 10:27 p.m.12 views

CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS5.5AI score0.0443EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/04 10:27 p.m.28 views

CVE-2024-27890 On affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected (No SSL Profiles Enabled).

Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configuration being applied to the switch...

9.6CVSS0.0443EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 10:27 p.m.61 views

CVE-2024-27890

CVE-2024-27890 affects Arista EOS platforms with OpenConfig enabled; a gNMI Set request can be accepted when it should be rejected, causing unexpected configuration changes. Affected EOS versions include 4.29.x (≤4.29.7M), 4.28.x (≤4.28.10M), 4.27.x (≤4.27.8M), 4.26.x (≤4.26.9M), 4.25.x (≤4.25.10...

9.6CVSS5.8AI score0.0443EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 10:8 p.m.12 views

CVE-2024-27891 On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.

On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied...

6.9CVSS5.5AI score0.00282EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 10:8 p.m.39 views

CVE-2024-27891

Arista CVE-2024-27891 affects EOS platforms where MACsec and outbound egress ACLs are on the same interface, potentially causing ACL policies to not be enforced for egress packets. Affected EOS releases include 4.32.x (4.32.0.1F and below), 4.31.x (4.31.2F and below), 4.30.x (4.30.6M and below), ...

6.9CVSS5.8AI score0.00282EPSS
Exploits0References1
Rows per page
Query Builder