PatchSiren cyber security CVE debrief
CVE-2023-5502 Arista Networks CVE debrief
CVE-2023-5502 is a HIGH severity vulnerability in Arista EOS with 802.1x authentication configured on access/trunk ports and routing enabled on the access VLAN. A malicious supplicant may bypass 802.1x authentication requirements. The vulnerability has a CVSS score of 8.2.
- Vendor
- Arista Networks
- Product
- EOS
- CVSS
- HIGH 8.2
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-04
- Original CVE updated
- 2026-06-05
- Advisory published
- 2026-06-04
- Advisory updated
- 2026-06-05
Who should care
Users of Arista EOS with 802.1x authentication and routing enabled on access VLANs should be aware of this vulnerability.
Technical summary
On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x authentication.
Defensive priority
HIGH
Recommended defensive actions
- Review and apply patches from Arista as available.
- Implement additional security measures to monitor and control access to affected systems.
Evidence notes
Vendor evidence suggests Arista as the affected vendor.
Official resources
-
CVE-2023-5502 CVE record
CVE.org
-
CVE-2023-5502 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
CVE-2023-5502 was published on 2026-06-04T23:16:47.210Z and modified on 2026-06-05T15:02:34.977Z.