CVE-2023-35982 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol

🗓️ 25 Jul 2023 18:28:20Reported by hpeType

Unauthenticated Buffer Overflow in PAPI Protocol Service

Reporter	Title	Published	Views	Family All 10
CNNVD	Aruba Networks ArubaOS和InstantOS 安全漏洞	25 Jul 202300:00	–	cnnvd
CVE	CVE-2023-35982	25 Jul 202318:28	–	cve
EUVD	EUVD-2023-39966	3 Oct 202520:07	–	euvd
ICS	Siemens Scalance W1750D	9 Apr 202400:00	–	ics
NCSC	Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS	27 Jul 202300:00	–	ncsc
NCSC	Vulnerabilities fixed in Siemens products	9 Apr 202400:00	–	ncsc
NVD	CVE-2023-35982	25 Jul 202319:15	–	nvd
Prion	Buffer overflow	25 Jul 202319:15	–	prion
Tenable Nessus	Siemens Scalance W1750D Buffer Copy without Checking Size of Input (CVE-2023-35982)	13 Apr 202400:00	–	nessus
Vulnrichment	CVE-2023-35982 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol	25 Jul 202318:28	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "Aruba Access Points running InstantOS and ArubaOS 10",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "ArubaOS 10.4.x.x:   10.4.0.1 and below"
      },
      {
        "status": "affected",
        "version": "InstantOS 8.11.x.x: 8.11.1.0 and below"
      },
      {
        "status": "affected",
        "version": "InstantOS 8.10.x.x: 8.10.0.6 and below"
      },
      {
        "status": "affected",
        "version": "InstantOS 8.6.x.x:  8.6.0.20 and below"
      },
      {
        "status": "affected",
        "version": "InstantOS 6.5.x.x:  6.5.4.24 and below"
      },
      {
        "status": "affected",
        "version": "InstantOS 6.4.x.x:  6.4.4.8-4.2.4.21 and below"
      }
    ]
  }
]

Source	Link
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt

25 Jul 2023 18:28Current

10High risk

Vulners AI Score10

CVSS 3.19.8

EPSS0.01262