CVE-2024-9448

HIGH

Arista EOS - DoS

Title source: llm

Description

On affected platforms running Arista EOS with Traffic Policies configured the vulnerability will cause received untagged packets not to hit Traffic Policy rules that they are expected to hit. If the rule was to drop the packet, the packet will not be dropped and instead will be forwarded as if the rule was not in place. This could lead to packets being delivered to unexpected destinations.

References (1)

[Various Sources] https://https://www.arista.com/en/support/advisories-notices/security-advisory/21121-security-advisory-0112

Scores

CVSS v3 7.5

EPSS 0.0050

EPSS Percentile 65.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-1284

Status published

Products (4)

Arista Networks/EOS 4.30.0 - 4.30.8M

Arista Networks/EOS 4.31.0 - 4.31.5M

Arista Networks/EOS 4.32.0 - 4.32.3M

Arista Networks/EOS 4.33.0 - 4.33.0F

Published May 08, 2025

Tracked Since Feb 18, 2026