What is CVE-2023-5502?

CVE-2023-5502 is a medium-severity vulnerability in Arista Networks Eos, classified under Improper Authentication. CVSS score: 5.9/10. Published 2026-06-04.

How severe is CVE-2023-5502?

Medium severity. CVSS v3 base score is 5.9 out of 10.

Auth bypass in Arista Networks Eos

CVE-2023-5502

On affected platforms running Arista EOS with 802.1x authentication configured on the access/trunk ports, and routing enabled on the access VLAN of the ports, a malicious supplicant may be able to bypass the requirement to perform 802.1x a…

Vulnerability class: Broken Authentication

CVSS v3 metric

CVSS v3 base score 5.9 (Medium). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N.

Affected products

Arista Networks Eos — versions 4.31.0, 4.30.0, 4.29.0

Weakness classification (CWE)

CWE-287 — Improper Authentication

References

psirt@arista.com

Frequently asked questions

What is CVE-2023-5502?: CVE-2023-5502 is a medium-severity vulnerability in Arista Networks Eos, classified under Improper Authentication. CVSS score: 5.9/10. Published 2026-06-04.
How severe is CVE-2023-5502?: Medium severity. CVSS v3 base score is 5.9 out of 10.