CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
13.1%
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete switch compromise in ArubaOS-CX version(s): AOS-CX 10.09.xxxx: 10.09.1030 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below, AOS-CX 10.06.xxxx: 10.06.0180 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address these security vulnerabilities.
Vendor | Product | Version | CPE |
---|---|---|---|
arubanetworks | aos-cx | * | cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:* |
arubanetworks | cx_10000 | - | cpe:2.3:h:arubanetworks:cx_10000:-:*:*:*:*:*:*:* |
arubanetworks | cx_8325 | - | cpe:2.3:h:arubanetworks:cx_8325:-:*:*:*:*:*:*:* |
arubanetworks | cx_8320 | - | cpe:2.3:h:arubanetworks:cx_8320:-:*:*:*:*:*:*:* |
arubanetworks | cx_9300 | - | cpe:2.3:h:arubanetworks:cx_9300:-:*:*:*:*:*:*:* |
arubanetworks | cx_8360 | - | cpe:2.3:h:arubanetworks:cx_8360:-:*:*:*:*:*:*:* |
arubanetworks | cx_6400 | - | cpe:2.3:h:arubanetworks:cx_6400:-:*:*:*:*:*:*:* |
arubanetworks | cx_6300 | - | cpe:2.3:h:arubanetworks:cx_6300:-:*:*:*:*:*:*:* |
arubanetworks | cx_6200f | - | cpe:2.3:h:arubanetworks:cx_6200f:-:*:*:*:*:*:*:* |
arubanetworks | cx_6100 | - | cpe:2.3:h:arubanetworks:cx_6100:-:*:*:*:*:*:*:* |
[
{
"product": "Aruba CX 6200F Switch Series; Aruba 6300 Switch Series; Aruba 6400 Switch Series; Aruba 8325 Switch Series; Aruba 8400 Switch Series; Aruba CX 8360 Switch Series; ArubaOS-CX Switches",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "AOS-CX 10.09.xxxx: 10.09.1030 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below, AOS-CX 10.06.xxxx: 10.06.0180 and below."
}
]
}
]
More