7.5
CVE-2020-7121
- EPSS 0.35%
- Veröffentlicht 23.09.2020 13:15:16
- Zuletzt bearbeitet 21.11.2024 05:36:39
- Quelle security-alert@hpe.com
- Teams Watchlist Login
- Unerledigt Login
Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the LLDP (Link Layer Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.3021.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Arubanetworks ≫ Cx 6200f Firmware Version <= 10.04.3021
Arubanetworks ≫ Cx 6300 Firmware Version <= 10.04.3021
Arubanetworks ≫ Cx 6400 Firmware Version <= 10.04.3021
Arubanetworks ≫ Cx 8320 Firmware Version <= 10.04.3021
Arubanetworks ≫ Cx 8325 Firmware Version <= 10.04.3021
Arubanetworks ≫ Cx 8400 Firmware Version <= 10.04.3021
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.35% | 0.541 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.