Aruba Products Multiple Vulnerabilities

Release Date: 30 Aug 2023 3070 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in Aruba Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution and cross-site scripting on the targeted system.

Impact

Remote Code Execution
Denial of Service
Cross-Site Scripting

System / Technologies affected

Affected Aruba Switch Models:

Aruba 5400R Series Switches
Aruba 3810 Series Switches
Aruba 2920 Series Switches
Aruba 2930F Series Switches
Aruba 2930M Series Switches
Aruba 2530 Series Switches
Aruba 2540 Series Switches
Aruba CX 10000 Switch Series
Aruba CX 9300 Switch Series
Aruba CX 8400 Switch Series
Aruba CX 8360 Switch Series
Aruba CX 8325 Switch Series
Aruba CX 8320 Switch Series
Aruba CX 6400 Switch Series
Aruba CX 6300 Switch Series
Aruba CX 6200 Switch Series
Aruba CX 6100 Switch Series
Aruba CX 6000 Switch Series
Aruba CX 4100i Switch Series

Affected Software Branch Versions:

AOS-CX 10.10.1050 and below
AOS-CX 10.11.1010 and below
ArubaOS-Switch 16.11.xxxx: KB/WC/YA/YB/YC.16.11.0012 and below
ArubaOS-Switch 16.10.xxxx: KB/WC/YA/YB/YC.16.10.0025 and below
ArubaOS-Switch 16.10.xxxx: WB.16.10.23 and below
ArubaOS-Switch 16.09.xxxx: All versions
ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0026 and below
ArubaOS-Switch 16.07.xxxx: All versions
ArubaOS-Switch 16.06.xxxx: All versions
ArubaOS-Switch 16.05.xxxx: All versions
ArubaOS-Switch 16.04.xxxx: KA/RA.16.04.0026 and below
ArubaOS-Switch 16.03.xxxx: All versions
ArubaOS-Switch 16.02.xxxx: All versions
ArubaOS-Switch 16.01.xxxx: All versions
ArubaOS-Switch 15.xx.xxxx: 15.16.0025 and below

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Aruba