There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
References
Link | Resource |
---|---|
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt | Vendor Advisory |
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt - Vendor Advisory |
02 Aug 2023, 16:23
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-009.txt - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
CPE | cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:* |
|
CWE | CWE-120 | |
First Time |
Hp
Arubanetworks arubaos Arubanetworks Hp instantos |
25 Jul 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-25 19:15
Updated : 2024-11-21 08:09
NVD link : CVE-2023-35981
Mitre link : CVE-2023-35981
CVE.ORG link : CVE-2023-35981
JSON object : View
Products Affected
hp
- instantos
arubanetworks
- arubaos
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')