Detections
Analytics
ArubaOS-Switch Memory Corruption Vulnerability (ARUBA-PSA-2021-003)
high Nessus Plugin ID 150752
Language:
Synopsis
An application installed on the remote host is affected by a memory corruption vulnerability.Description
According to its self-reported version number the remote host is affected by a memory corruption vulnerability. An unauthenticated, remote host can exploit this to disclose sensitive information / memory contents or execute arbitrary code.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Upgrade to the relevant ArubaOS-Switch version as referenced in the vendor advisory.See Also
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-003.txt
Plugin Details
Severity: High
ID: 150752
File Name: arubaos-switch_aruba-psa-2021-003.nasl
Version: 1.6
Type: combined
Family: Misc.
Published: 6/14/2021
Updated: 7/1/2021
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.4
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2020-27337
CVSS v3
Risk Factor: High
Base Score: 7.3
Temporal Score: 6.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:arubanetworks:arubaos, cpe:/o:hp:arubaos, x-cpe:/o:arubanetworks:arubaos-switch
Exploit Ease: No known exploits are available
Patch Publication Date: 2/5/2021
Vulnerability Publication Date: 2/5/2021
Reference Information
CVE: CVE-2020-27337