Authentication flaw

2022-09-0618:15:00

PRIOn knowledge base

www.prio-n.com

aos-cx

switch

vulnerability

arubaos-cx

authentication

security

nvd

upgrade

6.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

25.7%

JSON

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an attacker to bypass system authentication and achieve total switch compromise in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1030 and below, AOS-CX 10.08.xxxx: 10.08.1070 and below, AOS-CX 10.06.xxxx: 10.06.0210 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.

CPENameOperatorVersion
aos-cxge10.06.0000
aos-cxle10.06.0210
aos-cxge10.08.0000
aos-cxle10.08.1070
aos-cxge10.09.0000
aos-cxle10.09.1030
aos-cxge10.10.0000
aos-cxle10.10.0002
aos-cxge10.06.0000
aos-cxle10.06.0210

Name	Operator	Version
aos-cx	ge	10.06.0000
aos-cx	le	10.06.0210
aos-cx	ge	10.08.0000
aos-cx	le	10.08.1070
aos-cx	ge	10.09.0000
aos-cx	le	10.09.1030
aos-cx	ge	10.10.0000
aos-cx	le	10.10.0002
aos-cx	ge	10.06.0000
aos-cx	le	10.06.0210