Lucene search
HistoryDec 12, 2022 - 1:15 p.m.
CVE-2022-37910
cve-2022-37910
buffer overflow
arubaos
cli
denial of service
vulnerability
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.5%
A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system.
Affected configurations
Node
arubanetworkssd-wanRange8.7.0.0-2.3.0.0–8.7.0.0-2.3.0.6
ORarubanetworksarubaosRange6.5.4.0–6.5.4.22
ORarubanetworksarubaosRange8.4.0.0–8.6.0.17
ORarubanetworksarubaosRange8.7.0.0–8.7.1.9
ORarubanetworksarubaosRange8.8.0.0–10.3.0.1
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central",
"vendor": "Hewlett Packard Enterprise",
"versions": [
{
"status": "unaffected",
"version": "ArubaOS 6.5.4.x: 6.5.4.23 and above; ArubaOS 8.6.x: 8.6.0.18 and above; ArubaOS 8.7.x: 8.7.1.10 and above; ArubaOS 8.10.x: 8.10.0.0 and above; ArubaOS 10.3.x: 10.3.0.1 and above; SD-WAN-2.3.0.x: 8.7.0.0-2.3.0.7 and above"
}
]
}
]Related
cvelist
cvelist
CVE-2022-37910
2022-11-03 19:34:02
prion
prion
Buffer overflow
2022-12-12 13:15:00
nvd
nvd
CVE-2022-37910
2022-12-12 13:15:13
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
6.6 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.5%
Related for CVE-2022-37910