CVE-2017-9003
N/A
N/A
Summary
Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hewlett Packard Enterprise | ArubaOS | all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally. | affected |
Weaknesses
- unauthenticated memory corruption leading to remote code execution
ADP Enrichment
CVE Program Container
Additional References
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt
- http://www.securitytracker.com/id/1039580
References
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt
- http://www.securitytracker.com/id/1039580
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.