CVE Vulnerabilities

CVE-2022-37907

Published: Dec 12, 2022 | Modified: Nov 07, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

A vulnerability exists in the ArubaOS bootloader on 7xxx series controllers which can result in a denial of service (DoS) condition on an impacted system. A successful attacker can cause a system hang which can only be resolved via a power cycle of the impacted controller.

Affected Software

Name Vendor Start Version End Version
Sd-wan Arubanetworks 8.7.0.0-2.3.0.0 (including) 8.7.0.0-2.3.0.6 (excluding)
Arubaos Arubanetworks 6.5.4.0 (including) 6.5.4.22 (excluding)
Arubaos Arubanetworks 8.4.0.0 (including) 8.6.0.17 (excluding)
Arubaos Arubanetworks 8.7.0.0 (including) 8.7.1.9 (excluding)
Arubaos Arubanetworks 8.8.0.0 (including) 10.3.0.1 (excluding)

References