Skip to main content

Aruba Products Multiple Vulnerabilities

Release Date: 30 Aug 2023 3235 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Aruba Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and cross-site scripting on the targeted system.


Impact

  • Remote Code Execution
  • Denial of Service
  • Cross-Site Scripting

System / Technologies affected

Affected Aruba Switch Models:

  • Aruba 5400R Series Switches
  • Aruba 3810 Series Switches
  • Aruba 2920 Series Switches
  • Aruba 2930F Series Switches
  • Aruba 2930M Series Switches
  • Aruba 2530 Series Switches
  • Aruba 2540 Series Switches
  • Aruba CX 10000 Switch Series
  • Aruba CX 9300 Switch Series
  • Aruba CX 8400 Switch Series
  • Aruba CX 8360 Switch Series
  • Aruba CX 8325 Switch Series
  • Aruba CX 8320 Switch Series
  • Aruba CX 6400 Switch Series
  • Aruba CX 6300 Switch Series
  • Aruba CX 6200 Switch Series
  • Aruba CX 6100 Switch Series
  • Aruba CX 6000 Switch Series
  • Aruba CX 4100i Switch Series

 

Affected Software Branch Versions:

  • AOS-CX 10.10.1050 and below
  • AOS-CX 10.11.1010 and below
  • ArubaOS-Switch 16.11.xxxx: KB/WC/YA/YB/YC.16.11.0012 and below
  • ArubaOS-Switch 16.10.xxxx: KB/WC/YA/YB/YC.16.10.0025 and below
  • ArubaOS-Switch 16.10.xxxx: WB.16.10.23 and below
  • ArubaOS-Switch 16.09.xxxx: All versions
  • ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0026 and below
  • ArubaOS-Switch 16.07.xxxx: All versions
  • ArubaOS-Switch 16.06.xxxx: All versions
  • ArubaOS-Switch 16.05.xxxx: All versions
  • ArubaOS-Switch 16.04.xxxx: KA/RA.16.04.0026 and below
  • ArubaOS-Switch 16.03.xxxx: All versions
  • ArubaOS-Switch 16.02.xxxx: All versions
  • ArubaOS-Switch 16.01.xxxx: All versions
  • ArubaOS-Switch 15.xx.xxxx: 15.16.0025 and below

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link