CVE-2022-37910

CVSS V2 None CVSS V3 None

Description

A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system.

Overview

CVE ID
CVE-2022-37910

Assigner
security-alert@hpe.com

Vulnerability Status
Analyzed

Published Version
2022-12-12T13:15:13

Last Modified Date
2022-12-13T21:20:21

Weakness Enumerations

CWE	URL
CWE-120	http://cwe.mitre.org/data/definitions/120.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:arubanetworks:sd-wan::::::::	1	OR	8.7.0.0-2.3.0.0	8.7.0.0-2.3.0.6
cpe:2.3:o:arubanetworks:arubaos::::::::	1	OR	6.5.4.0	6.5.4.22
cpe:2.3:o:arubanetworks:arubaos::::::::	1	OR	8.4.0.0	8.6.0.17
cpe:2.3:o:arubanetworks:arubaos::::::::	1	OR	8.7.0.0	8.7.1.9
cpe:2.3:o:arubanetworks:arubaos::::::::	1	OR	8.8.0.0	10.3.0.1

References

Reference URL	Reference Tags
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-37910
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37910

History

Created	Old Value	New Value	Data Type	Notes
2022-12-12 13:15:34				Added to TrackCVE
2022-12-12 14:15:55	2022-12-12T13:15:13.317	2022-12-12T13:15:13	CVE Published Date	updated
2022-12-12 14:15:55		2022-12-12T13:17:51	CVE Modified Date	updated
2022-12-12 14:15:55	Received	Awaiting Analysis	Vulnerability Status	updated
2022-12-13 16:18:16	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2022-12-13 22:14:46		2022-12-13T21:20:21	CVE Modified Date	updated
2022-12-13 22:14:46	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2022-12-13 22:14:46		CWE-120	Weakness Enumeration	new
2022-12-13 22:14:47			CPE Information	updated