CVE-2024-27891

MEDIUM

Arista EOS MACsec Egress ACLs - Access Control Bypass

Title source: manual

Description

On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoing packets to incorrectly be allowed or denied.

References (1)

Core 1

Core References

https://www.arista.com/en/support/advisories-notices/security-advisory/19908-security-advisory-0102

Scores

CVSS v3 5.3

EPSS 0.0028

EPSS Percentile 19.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-284

Status published

Products (6)

Arista Networks/EOS 4.27.2F - 4.28.0

Arista Networks/EOS 4.28.0 - 4.28.10.1M

Arista Networks/EOS 4.29.0 - 4.29.7M

Arista Networks/EOS 4.30.0 - 4.30.6M

Arista Networks/EOS 4.31.0 - 4.31.2F

Arista Networks/EOS 4.32.0 - 4.32.0.1F

Published Jun 04, 2026

Tracked Since Jun 05, 2026