Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for arubaos by hpe

    CVE-2017-9003 (GCVE-0-2017-9003)

    Vulnerability from nvd – Published: 2018-08-06 20:00 – Updated: 2024-08-05 16:55
    VLAI
    Summary
    Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
    Severity
    No CVSS data available.
    CWE
    • unauthenticated memory corruption leading to remote code execution
    Assigner
    hpe
    References
    URL Tags
    http://www.arubanetworks.com/assets/alert/ARUBA-P… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1039580 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise ArubaOS Affected: all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally.
    Create a notification for this product.
    Date Public
    2017-10-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:55:22.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
              },
              {
                "name": "1039580",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039580"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ArubaOS",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally."
                }
              ]
            }
          ],
          "datePublic": "2017-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unauthenticated memory corruption leading to remote code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-08-07T09:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
            },
            {
              "name": "1039580",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039580"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "ID": "CVE-2017-9003",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ArubaOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "unauthenticated memory corruption leading to remote code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
                },
                {
                  "name": "1039580",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039580"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2017-9003",
        "datePublished": "2018-08-06T20:00:00.000Z",
        "dateReserved": "2017-05-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T16:55:22.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-9003 (GCVE-0-2017-9003)

    Vulnerability from cvelistv5 – Published: 2018-08-06 20:00 – Updated: 2024-08-05 16:55
    VLAI
    Summary
    Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
    Severity
    No CVSS data available.
    CWE
    • unauthenticated memory corruption leading to remote code execution
    Assigner
    hpe
    References
    URL Tags
    http://www.arubanetworks.com/assets/alert/ARUBA-P… x_refsource_CONFIRM
    http://www.securitytracker.com/id/1039580 vdb-entryx_refsource_SECTRACK
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise ArubaOS Affected: all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally.
    Create a notification for this product.
    Date Public
    2017-10-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T16:55:22.207Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
              },
              {
                "name": "1039580",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1039580"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "ArubaOS",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "status": "affected",
                  "version": "all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally."
                }
              ]
            }
          ],
          "datePublic": "2017-10-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "unauthenticated memory corruption leading to remote code execution",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-08-07T09:57:01.000Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
            },
            {
              "name": "1039580",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1039580"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security-alert@hpe.com",
              "ID": "CVE-2017-9003",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "ArubaOS",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "all versions prior to 6.3.1.25 -- 6.4 prior to 6.4.4.16 -- 6.5.x prior to 6.5.1.9 -- 6.5.2 -- 6.5.3 prior to 6.5.3.3 -- 6.5.4 prior to 6.5.4.2 -- 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally."
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Hewlett Packard Enterprise"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "unauthenticated memory corruption leading to remote code execution"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt",
                  "refsource": "CONFIRM",
                  "url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
                },
                {
                  "name": "1039580",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id/1039580"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2017-9003",
        "datePublished": "2018-08-06T20:00:00.000Z",
        "dateReserved": "2017-05-15T00:00:00.000Z",
        "dateUpdated": "2024-08-05T16:55:22.207Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }