CVE Details
Basic Information
| Title | On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart |
|---|---|
| Type | cve |
| Published | 2025-03-04T20:20:53.517Z |
| Modified | 2025-03-04T20:33:37.805Z |
Product Information
| Vendor | Arista Networks |
|---|---|
| Product | EOS |
| Version | 4.32.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N |
AI Analysis
| AI Description | A vulnerability in Arista EOS affects platforms with 802.1X configuration, causing only the first line of a dynamic ACL to be installed after an ASU restart. This impacts network access control and may affect users during captive-portal authentication. |
|---|---|
| AI Severity | High |
| AI Vendor | Arista Networks |
| AI Product | EOS |
| AI Version | 4.32.0, 4.31.0, 4.30.0 |
Affected Products
- Arista Networks EOS 4.32.0
- Arista Networks EOS 4.31.0
- Arista Networks EOS 4.30.0
Additional Information
| CWE List | CWE-1284 |
|---|---|
| Source | Arista |
Description
On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart.
Note: supplicants with pending captive-portal authentication during ASU would be impacted with this bug.