← back
CVE-2024-27891

On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports.

CVSS 6.9 MEDIUMEPSS 0.3%CWE-284
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
Arista Networks · EOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.arista.com/en/support/advisories-notices/security-advisory/19908-security-advisory-0102