cbcvebase.
CVE-2024-6858
published 2026-06-04

CVE-2024-6858: In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the…

PriorityP432medium6.5CVSS 3.1
AVAACLPRNUINSUCNIHAN
EPSS
0.14%
4.0th percentile
In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.

Affected

4 ranges
VendorProductVersion rangeFixed in
arista_networkseos4.28.10 – 4.28.10.1M
arista_networkseos4.29.0 – 4.29.7M
arista_networkseos4.30.0 – 4.30.5M
arista_networkseos4.31.0 – 4.31.1F
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.