CVE-2025-37178
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can result in a crash of the affected process and a potential denial-of-service of the compromised process.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | 8.12.0.0 <= 8.13.1.0 | affected |
| Hewlett Packard Enterprise (HPE) | ArubaOS (AOS) | 8.10.0.0 <= 8.10.0.20 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.