Traffic Policy Misconfiguration in Arista EOS Network Infrastructure
CVE-2024-9448

7.5HIGH

Key Information:

Vendor: Arista Networks
Status: Eos
Vendor: CVE Published:; 8 May 2025

🔔 Create Arista Networks Vulnerability Alert

What is CVE-2024-9448?

A potential vulnerability in Arista EOS allows untagged packets to bypass established Traffic Policy rules. Affected devices may forward these packets without applying the intended security measures, resulting in unintended packet delivery and exposure to network risks. Proper management of Traffic Policies is crucial to prevent data routing errors and maintain network integrity.

Affected Version(s)

EOS 4.33.0

EOS 4.32.0 <= 4.32.3M

EOS 4.31.0 <= 4.31.5M

References

https://www.arista.com/en/support/advisories-notices/secu...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 8, 2025
Vulnerability Reserved
Oct 2, 2024