CVE-2024-11185

Summary

On affected platforms running Arista EOS, ingress traffic on Layer 2 ports may, under certain conditions, be improperly forwarded to ports associated with different VLANs, resulting in a breach of VLAN isolation and segmentation boundaries.

Affected Software

VendorProductVersion RangeStatus
Arista NetworksEOS4.29.0 <= 4.29.10Maffected
Arista NetworksEOS4.30.0 <= 4.30.9Maffected
Arista NetworksEOS4.31.0 <= 4.31.6Maffected
Arista NetworksEOS4.32.0 <= 4.32.3Maffected
Arista NetworksEOS4.33.0 <= 4.33.1Faffected

Weaknesses

  • cwe-1189

Workarounds

There are no workarounds.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References