CVE-2023-39268

🗓️ 29 Aug 2023 19:38:58Reported by hpeType

Memory corruption vulnerability in ArubaOS-Switch with potential for remote code execution

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2023-39268	30 Aug 202300:17	–	circl
CNNVD	Aruba Networks ArubaOS 缓冲区错误漏洞	29 Aug 202300:00	–	cnnvd
Cvelist	CVE-2023-39268 Memory Corruption Vulnerability in ArubaOS-Switch	29 Aug 202319:38	–	cvelist
EUVD	EUVD-2023-43000	3 Oct 202520:07	–	euvd
NVD	CVE-2023-39268	29 Aug 202320:15	–	nvd
Prion	Memory corruption	29 Aug 202320:15	–	prion
Positive Technologies	PT-2023-26858 · Aruba · Arubaos-Switch	29 Aug 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-39268 Memory Corruption Vulnerability in ArubaOS-Switch	29 Aug 202319:38	–	vulnrichment

NVD

Node

hpe arubaos-switchRange<a.15.16.0026

hpe arubaos-switchRange16.01.0000–16.04.0027

hpe arubaos-switchRange16.05.0000–16.08.0027

hpe arubaos-switchRange16.10.0001–16.10.0024

hpe arubaos-switchRange16.11.0001–16.11.0013

AND

arubanetworks aruba_2530Match-

arubanetworks aruba_2530yaMatch-

arubanetworks aruba_2530ybMatch-

arubanetworks aruba_2540Match-

arubanetworks aruba_2920Match-

arubanetworks aruba_2930fMatch-

arubanetworks aruba_2930mMatch-

arubanetworks aruba_3810mMatch-

arubanetworks aruba_5406r_zl2Match-

arubanetworks aruba_5412r_zl2Match-

[
  {
    "defaultStatus": "affected",
    "product": "ArubaOS-Switch",
    "vendor": "Hewlett Packard Enterprise",
    "versions": [
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.11.xxxx: KB/WC/YA/YB/YC.16.11.0012 and below."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.10.xxxx: KB/WC/YA/YB/YC.16.10.0025 and below."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.10.xxxx: WB.16.10.23 and below."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.09.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0026 and below."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.07.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.06.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.05.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.04.xxxx: KA/RA.16.04.0026 and below."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.03.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.02.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.01.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 15.xx.xxxx: 15.16.0025 and below."
      }
    ]
  }
]

Source	Link
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt

21 Nov 2024 08:15Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.14.5 - 9.8

EPSS0.00243

SSVC

CWE-787