GHSA-GMWG-2C9P-97X5
Vulnerability from github – Published: 2022-05-14 02:20 – Updated: 2022-05-14 02:20
VLAI
Details
Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
Severity
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2017-9003"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-08-06T20:29:00Z",
"severity": "HIGH"
},
"details": "Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.",
"id": "GHSA-gmwg-2c9p-97x5",
"modified": "2022-05-14T02:20:32Z",
"published": "2022-05-14T02:20:32Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9003"
},
{
"type": "WEB",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1039580"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…