CVE-2024-8000
published 2025-03-04

CVE-2024-8000: On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in…

Priority: P426 medium 5.3 (CVSS 3.1)
AV:A AC:H PR:N UI:N S:U C:N I:H A:N
EPSS: 0.19% (8.7th percentile)
On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart. Note: supplicants with pending captive-portal authentication during ASU would be impacted with this bug.

Affected

8 ranges
Vendor               Product     Version range           Fixed in
arista_networks      eos         4.30.0 – 4.30.8M
arista_networks      eos         4.31.0 – 4.31.5M
arista_networks      eos         4.32.0 – 4.32.4M
googlechrome_chrome
hono                 hono        >= 0 < 4.2.7            4.2.7
librenms             librenms    >= 0 < 24.4.0           24.4.0
lobehub              chat        >= 0 < 1.19.13          1.19.13
pyload-ng_project    pyload-ng   >= 0 < 0.5.0b3.dev77    0.5.0b3.dev77

CVSS provenance

nvd            v3.1   5.3   MEDIUM   CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
vendor_cisco          7.8   HIGH