CVE-2022-23677

EPSS 6.49%
Published 10.05.2022 19:15:09
Last modified 21.11.2024 06:49:04
Source security-alert@hpe.com
Teams watchlist Login
Open Login

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Arubanetworks ≫ 5406r Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 5406r Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 5406r Firmware Version >= 16.03.0 < 16.04.0024

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 5406r Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 5406r Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 5406r Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 5406r Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 5406r Version-

Arubanetworks ≫ 2920 Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2920 Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2920 Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2920 Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2920 Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2920 Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2920 Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2920 Version-

Arubanetworks ≫ 2930f Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930f Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930f Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930f Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930f Firmware Version >= 16.09.0 <= 16.09.0020

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930f Firmware Version >= 16.10.0 <= 16.10.0020

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930f Firmware Version >= 16.11.0 <= 16.11.0004

Arubanetworks ≫ 2930f Version-

Arubanetworks ≫ 2930m Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2930m Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2930m Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2930m Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2930m Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2930m Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2930m Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2930m Version-

Arubanetworks ≫ 2530 Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2530 Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2530 Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2530 Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2530 Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2530 Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2530 Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2530 Version-

Arubanetworks ≫ 2540 Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 2540 Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 2540 Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 2540 Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 2540 Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 2540 Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 2540 Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2540 Version-

Arubanetworks ≫ 5412r Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 5412r Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 5412r Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 5412r Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 5412r Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 5412r Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 5412r Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 5412r Version-

Arubanetworks ≫ 2615 Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2615 Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2615 Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2615 Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2615 Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2615 Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2615 Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2615 Version-

Arubanetworks ≫ 2620 Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2620 Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2620 Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2620 Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2620 Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2620 Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2620 Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2620 Version-

Arubanetworks ≫ 2915 Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 2915 Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 2915 Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 2915 Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 2915 Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 2915 Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 2915 Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 2915 Version-

Arubanetworks ≫ 3810m Firmware Version >= 15.00.0 <= 15.16.0023

Arubanetworks ≫ 3810m Version-

Arubanetworks ≫ 3810m Firmware Version >= 16.01.0 < 16.02.0034

Arubanetworks ≫ 3810m Version-

Arubanetworks ≫ 3810m Firmware Version >= 16.03.0 <= 16.04.0024

Arubanetworks ≫ 3810m Version-

Arubanetworks ≫ 3810m Firmware Version >= 16.05.0 < 16.08.0025

Arubanetworks ≫ 3810m Version-

Arubanetworks ≫ 3810m Firmware Version >= 16.09.0 < 16.09.0020

Arubanetworks ≫ 3810m Version-

Arubanetworks ≫ 3810m Firmware Version >= 16.10.0 < 16.10.0020

Arubanetworks ≫ 3810m Version-

Arubanetworks ≫ 3810m Firmware Version >= 16.11.0 < 16.11.0004

Arubanetworks ≫ 3810m Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	6.49%	0.907

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.1	2.2	5.9	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-008.txt

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-23677

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-23677

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-23677

EUVD