CVE-2024-8000

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-1284
View all →

Vulnerability Description

On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart. Note: supplicants with pending captive-portal authentication during ASU would be impacted with this bug.

Related Vulnerabilities

CVE-2022-37311

MEDIUM
CVSS:5.3(Medium)

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large location request parameter to the redirect servlet.

CWE-12842022

CVE-2022-37312

MEDIUM
CVSS:5.3(Medium)

OX App Suite through 7.10.6 has Uncontrolled Resource Consumption via a large request body containing a redirect URL to the deferrer servlet.

CWE-12842022

CVE-2023-20582

MEDIUM
CVSS:5.3(Medium)

Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially leading to a lo...

CWE-12842023

CVE-2023-4439

MEDIUM
CVSS:5.3(Medium)

A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Minus Value Handler. ...

CWE-12842023

CVE-2025-43970

MEDIUM
CVSS:5.3(Medium)

An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the address family).

CWE-12842025

CVE-2022-0596

MEDIUM
CVSS:5.4(Medium)

Improper Validation of Specified Quantity in Input in Packagist microweber/microweber prior to 1.2.11.

CWE-12842022