Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being inst
CVE-2024-12378
CRITICAL CVSS 9.1
Find Similar
On affected platforms running Arista EOS with secure Vxlan configured, restarting the Tunnelsec agent will result in packets being sent over the secure Vxlan tunnels in the clear.
n affected platforms running Arista EOS, ACL policies may not be enforced. IPv4 ingress ACL, MAC ingress ACL, or IPv6 standard ingress ACL enabled on one or more ethernet or LAG interfaces may result
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to byp
On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This can cause outgoi
A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: - AOS-CX 10.14.xxxx : All patche
In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.
CVE-2024-20510
CRITICAL CVSS 9.3
Find Similar
A vulnerability in the Central Web Authentication (CWA) feature of Cisco IOS XE Software for Wireless Controllers could allow an unauthenticated, adjacent attacker to bypass the pre-authentication acc
CVE-2026-7473
MEDIUM CVSS 6.9 KEV
Find Similar
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is p
On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain ag
On affected platforms with hardware IPSec support running Arista EOS with IPsec enabled and anti-replay protection configured, EOS may exhibit unexpected behavior in specific cases. Received duplicate
On affected platforms running Arista EOS, certain serial console input might result in an unexpected reload of the device.153
A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a con
A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH,
When the early_acl_drop (earlyACLDrop in Lua) option is disabled (default is enabled) on a DNS over HTTPs frontend using the nghttp2 provider, the ACL check is skipped, allowing all clients to send Do
CVE-2025-26062
CRITICAL CVSS 9.8
Find Similar
An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to access the router's settings file and obtain potentially sensitive information from the curren
CVE-2025-59366
CRITICAL CVSS 9.2
Find Similar
An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by an unintended side effect of the Samba functionality, potentially leading to allow execution of specifi
On affected platforms running Arista EOS with MACsec configuration, a specially crafted packet can cause the MACsec process to terminate unexpectedly. Continuous receipt of these packets with certain
On affected platforms running Arista EOS, a specially crafted packet with incorrect VLAN tag might be copied to CPU, which may cause incorrect control plane behavior related to the packet, such as rou
A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs w
Page 1+ Next →