Lucene search

[email protected]CVE-2018-7081

HistorySep 13, 2019 - 5:15 p.m.

CVE-2018-7081

2019-09-1317:15:10

CWE-20

[email protected]

web.nvd.nist.gov

223

arubaos

cve-2018-7081

vulnerability

remote code execution

network-listening components

aruba

process crash

arbitrary code

papi protocol

udp port 8211

system compromise

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code within the underlying operating system with full system privileges. Such an attack could lead to complete system compromise. The ability to transmit traffic to an IP interface on the mobility controller is required to carry out an attack. The attack leverages the PAPI protocol (UDP port 8211). If the mobility controller is only bridging L2 traffic to an uplink and does not have an IP address that is accessible to the attacker, it cannot be attacked.

Affected configurations

NVD

Node

arubanetworksarubaosRange<6.4.4.21

arubanetworksarubaosRange6.5.0.0–6.5.4.13

arubanetworksarubaosRange8.0.0.0–8.2.2.6

arubanetworksarubaosRange8.3.0.0–8.3.0.7

arubanetworksarubaosRange8.4.0.0–8.4.0.3

arubanetworksarubaosRange8.4.0.4–8.5.0.0

CPENameOperatorVersion
arubanetworks:arubaosarubanetworks arubaoslt6.4.4.21
arubanetworks:arubaosarubanetworks arubaoslt6.5.4.13
arubanetworks:arubaosarubanetworks arubaoslt8.2.2.6
arubanetworks:arubaosarubanetworks arubaoslt8.3.0.7
arubanetworks:arubaosarubanetworks arubaoslt8.4.0.3
arubanetworks:arubaosarubanetworks arubaoslt8.5.0.0

CPE	Name	Operator	Version
arubanetworks:arubaos	arubanetworks arubaos	lt	6.4.4.21
arubanetworks:arubaos	arubanetworks arubaos	lt	6.5.4.13
arubanetworks:arubaos	arubanetworks arubaos	lt	8.2.2.6
arubanetworks:arubaos	arubanetworks arubaos	lt	8.3.0.7
arubanetworks:arubaos	arubanetworks arubaos	lt	8.4.0.3
arubanetworks:arubaos	arubanetworks arubaos	lt	8.5.0.0

CNA Affected

[
  {
    "product": "Aruba Mobility Controllers",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Aruba Mobility Controller firmware (ArubaOS) 6.x prior to 6.4.4.21 6.5.x prior to 6.5.4.13  8.x prior to 8.2.2.6  8.3.0.x prior to 8.3.0.7, 8.4.0.x and prior to 8.4.0.3"
      }
    ]
  }
]

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-004.txt

x-c3ll.github.io/posts/CVE-2018-7081-RCE-ArubaOS/

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

0.012 Low

EPSS

Percentile

85.3%

JSON

Related for CVE-2018-7081

prion1 nvd1 cvelist1