PT-2018-12273 · Arista · Arista Eos

Published: 2018-09-13 · Updated: 2019-08-28 · CVE-2018-14008

CVSS v3.1: 6.5 (Medium)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Arista EOS versions prior to 4.21.0F

Description: The issue arises from the mishandling of 802.1x authentication, which can also affect MACSec when dynamic keys are used. This allows for a denial of service attack at the data plane by crashing the Dot1x agent via a crafted packet sent from the data port, preventing other users from successfully authenticating with the device. There is no evidence of this vulnerability being exploited as of the last update.

Recommendations: For Arista EOS versions prior to 4.21.0F, update to a version later than 4.21.0F to resolve the issue. As a temporary workaround, consider restricting access to the 802.1x authentication feature to minimize the risk of exploitation.

Fix

DoS

Improper Authentication

Weakness Enumeration

Related Identifiers: CVE-2018-14008

Affected Products: Arista Eos