9
CVE-2020-24637
- EPSS 0.52%
- Published 11.12.2020 02:15:11
- Last modified 21.11.2024 05:15:18
- Source security-alert@hpe.com
- Teams watchlist Login
- Open Login
Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
Data is provided by the National Vulnerability Database (NVD)
Arubanetworks ≫ Arubaos Version < 8.5.0.11
Arubanetworks ≫ 7005 Version-
Arubanetworks ≫ 7008 Version-
Arubanetworks ≫ 7010 Version-
Arubanetworks ≫ 7024 Version-
Arubanetworks ≫ 7030 Version-
Arubanetworks ≫ 7205 Version-
Arubanetworks ≫ 7210 Version-
Arubanetworks ≫ 7220 Version-
Arubanetworks ≫ 7240xm Version-
Arubanetworks ≫ 7280 Version-
Arubanetworks ≫ 7008 Version-
Arubanetworks ≫ 7010 Version-
Arubanetworks ≫ 7024 Version-
Arubanetworks ≫ 7030 Version-
Arubanetworks ≫ 7205 Version-
Arubanetworks ≫ 7210 Version-
Arubanetworks ≫ 7220 Version-
Arubanetworks ≫ 7240xm Version-
Arubanetworks ≫ 7280 Version-
Arubanetworks ≫ Arubaos Version >= 8.6.0.0 < 8.6.0.6
Arubanetworks ≫ 7005 Version-
Arubanetworks ≫ 7008 Version-
Arubanetworks ≫ 7010 Version-
Arubanetworks ≫ 7024 Version-
Arubanetworks ≫ 7030 Version-
Arubanetworks ≫ 7205 Version-
Arubanetworks ≫ 7210 Version-
Arubanetworks ≫ 7220 Version-
Arubanetworks ≫ 7240xm Version-
Arubanetworks ≫ 7280 Version-
Arubanetworks ≫ 7008 Version-
Arubanetworks ≫ 7010 Version-
Arubanetworks ≫ 7024 Version-
Arubanetworks ≫ 7030 Version-
Arubanetworks ≫ 7205 Version-
Arubanetworks ≫ 7210 Version-
Arubanetworks ≫ 7220 Version-
Arubanetworks ≫ 7240xm Version-
Arubanetworks ≫ 7280 Version-
Arubanetworks ≫ Arubaos Version >= 8.7.0.0 < 8.7.1.0
Arubanetworks ≫ 7005 Version-
Arubanetworks ≫ 7008 Version-
Arubanetworks ≫ 7010 Version-
Arubanetworks ≫ 7024 Version-
Arubanetworks ≫ 7030 Version-
Arubanetworks ≫ 7205 Version-
Arubanetworks ≫ 7210 Version-
Arubanetworks ≫ 7220 Version-
Arubanetworks ≫ 7240xm Version-
Arubanetworks ≫ 7280 Version-
Arubanetworks ≫ 7008 Version-
Arubanetworks ≫ 7010 Version-
Arubanetworks ≫ 7024 Version-
Arubanetworks ≫ 7030 Version-
Arubanetworks ≫ 7205 Version-
Arubanetworks ≫ 7210 Version-
Arubanetworks ≫ 7220 Version-
Arubanetworks ≫ 7240xm Version-
Arubanetworks ≫ 7280 Version-
Arubanetworks ≫ Sd-wan Version < 2.1.0.2
Arubanetworks ≫ Sd-wan Version >= 2.2.0.0 < 2.2.0.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.52% | 0.643 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9 | 8 | 10 |
AV:N/AC:L/Au:S/C:C/I:C/A:C
|