Description

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1010 and below, AOS-CX 10.08.xxxx: 10.08.1050 and below, AOS-CX 10.06.xxxx: 10.06.0190 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address these security vulnerabilities.

Related CPE's

o

arubanetworks

aos-cx

48

h

arubanetworks

cx_10000

-

h

arubanetworks

cx_8325

-

h

arubanetworks

cx_8320

-

h

arubanetworks

cx_9300

-

h

arubanetworks

cx_8360

-

h

arubanetworks

cx_6400

-

h

arubanetworks

cx_6300

-

h

arubanetworks

cx_6200f

-

h

arubanetworks

cx_6100

-

h

arubanetworks

cx_6000

-

h

arubanetworks

cx_4100i

-

h

arubanetworks

cx_8400

-

References

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-012.txt

Vendor Advisory

Weaknesses

[email protected]

Primary
NVD-CWE-noinfo

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

4.3 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2022-09-06T18:15:11.273

2 years ago

Last modified

2023-08-08T14:22:24.967

1 year ago