By weakness (CWE)

CWE-1287: related vulnerabilities

CVEs classified under CWE-1287. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

1 published vulnerability

  • CVE-2024-6858MEDIUM 6.5

    Arista EOS switches running in 802.1X authentication mode contain a logic flaw that can allow unauthorized devices to bypass port access controls. If an unauthenticated device is present on a port configured for multi-auth, and there is an EAPOL-capable (Extensible Authentication Protocol over LAN) device in the fallback VLAN, the unauthenticated device may be granted network access when it should remain blocked. This creates an authentication bypass condition specific to the multi-auth scenario and fallback VLAN configuration.