CVE-2023-39268 - Vulnerability Details - OpenCVE

A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Arubanetworks	Aruba 2530 Aruba 2530ya Aruba 2530yb Aruba 2540 Aruba 2920 Aruba 2930f Aruba 2930m Aruba 3810m Aruba 5406r Zl2 Aruba 5412r Zl2
Hpe	Arubaos-switch

Configuration 1 [-]

AND

OR	cpe:2.3:o:hpe:arubaos-switch::::::::
	cpe:2.3:o:hpe:arubaos-switch::::::::
	cpe:2.3:o:hpe:arubaos-switch::::::::
	cpe:2.3:o:hpe:arubaos-switch::::::::
	cpe:2.3:o:hpe:arubaos-switch::::::::

OR	cpe:2.3:h:arubanetworks:aruba_2530:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_2530ya:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_2530yb:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_2540:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_2920:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_2930f:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_2930m:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_3810m:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:::::::*
	cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:::::::*

No data.

References

Link	Providers
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt

History

Fri, 27 Sep 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2023-08-29T19:38:58.346Z

Updated: 2024-09-27T19:51:59.087Z

Reserved: 2023-07-26T15:52:27.843Z

Link: CVE-2023-39268

Vulnrichment

Updated: 2024-08-02T18:02:06.885Z

NVD

Status : Modified

Published: 2023-08-29T20:15:09.830

Modified: 2024-11-21T08:15:01.323

Link: CVE-2023-39268

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-39268", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2023-07-26T15:52:27.843Z", "datePublished": "2023-08-29T19:38:58.346Z", "dateUpdated": "2024-09-27T19:51:59.087Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "ArubaOS-Switch", "vendor": "Hewlett Packard Enterprise", "versions": [{"status": "affected", "version": "ArubaOS-Switch 16.11.xxxx: KB/WC/YA/YB/YC.16.11.0012 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.10.xxxx: KB/WC/YA/YB/YC.16.10.0025 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.10.xxxx: WB.16.10.23 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.09.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0026 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.07.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.06.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.05.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.04.xxxx: KA/RA.16.04.0026 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.03.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.02.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.01.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 15.xx.xxxx: 15.16.0025 and below."}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Ken Pyle - Partner and Exploit Developer, CYBIR and Graduate Professor of Cybersecurity at Chestnut Hill College"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."}], "value": "A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-08-29T19:38:58.346Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Memory Corruption Vulnerability in ArubaOS-Switch", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:02:06.885Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-09-27T19:38:40.939853Z", "id": "CVE-2023-39268", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-27T19:51:59.087Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:02:06.885Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-39268", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-27T19:38:40.939853Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-27T19:51:54.345Z"}}], "cna": {"title": "Memory Corruption Vulnerability in ArubaOS-Switch", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Ken Pyle - Partner and Exploit Developer, CYBIR and Graduate Professor of Cybersecurity at Chestnut Hill College"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise", "product": "ArubaOS-Switch", "versions": [{"status": "affected", "version": "ArubaOS-Switch 16.11.xxxx: KB/WC/YA/YB/YC.16.11.0012 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.10.xxxx: KB/WC/YA/YB/YC.16.10.0025 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.10.xxxx: WB.16.10.23 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.09.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0026 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.07.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.06.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.05.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.04.xxxx: KA/RA.16.04.0026 and below."}, {"status": "affected", "version": "ArubaOS-Switch 16.03.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.02.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 16.01.xxxx: All versions."}, {"status": "affected", "version": "ArubaOS-Switch 15.xx.xxxx: 15.16.0025 and below."}], "defaultStatus": "affected"}], "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.", "supportingMedia": [{"type": "text/html", "value": "A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-08-29T19:38:58.346Z"}}}, "cveMetadata": {"cveId": "CVE-2023-39268", "state": "PUBLISHED", "dateUpdated": "2024-09-27T19:51:59.087Z", "dateReserved": "2023-07-26T15:52:27.843Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2023-08-29T19:38:58.346Z", "assignerShortName": "hpe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "6EF6288C-3E1F-4E2F-BDE2-319E6774F1BD", "versionEndExcluding": "a.15.16.0026", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "D421C423-B11A-43F0-A0E9-9ABD0CC3E7A9", "versionEndExcluding": "16.04.0027", "versionStartIncluding": "16.01.0000", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "90E95208-9E6A-4A27-91EF-EFF9EBB5CDF0", "versionEndExcluding": "16.08.0027", "versionStartIncluding": "16.05.0000", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "3A977A83-A7F4-4FE7-9AC9-5584801CC039", "versionEndExcluding": "16.10.0024", "versionStartIncluding": "16.10.0001", "vulnerable": true}, {"criteria": "cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*", "matchCriteriaId": "EF10EBA8-E257-4E81-8B5A-04E643FD27F4", "versionEndExcluding": "16.11.0013", "versionStartIncluding": "16.11.0001", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:aruba_2530:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA0DC0DE-5F4A-4D2A-AFCA-E36A103D5A6E", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8251986-B9F2-4345-A4D7-EB3737F12AE0", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D7A8F42-55C8-4A2B-8A34-1B1B8BE3BEDF", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*", "matchCriteriaId": "FDEDD15E-289E-4B15-8620-547EA19CAEE7", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*", "matchCriteriaId": "B1782D4A-AD68-4BD2-8453-EE22BCF2DC99", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*", "matchCriteriaId": "97C4FCD2-BB70-4848-B08A-223B5C3467BB", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*", "matchCriteriaId": "2561E158-FB61-4FFD-B680-DADF7BC2C6D1", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*", "matchCriteriaId": "F3CE933B-68BA-45BA-81BD-95D873B858B1", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*", "matchCriteriaId": "8E982204-9ADC-4242-86C2-A407D6EA7DB0", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:aruba_5412r_zl2:-:*:*:*:*:*:*:*", "matchCriteriaId": "8549CD94-50E2-4615-94C2-D76FADFBA3AC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."}, {"lang": "es", "value": "Una vulnerabilidad de corrupci\u00f3n de memoria en ArubaOS-Switch podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo no autenticado al recibir paquetes especialmente manipulados. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de ejecutar c\u00f3digo arbitrario como usuario privilegiado en el sistema operativo subyacente."}], "id": "CVE-2023-39268", "lastModified": "2024-11-21T08:15:01.323", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 4.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 3.6, "source": "security-alert@hpe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-29T20:15:09.830", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}