{"containers": {"cna": {"affected": [{"product": "Aruba CX Switch Series 6200F, 6300, 6400, 8320, 8325, and 8400", "vendor": "n/a", "versions": [{"status": "affected", "version": "Firmware 10.04.1000 and below"}]}], "descriptions": [{"lang": "en", "value": "Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the CDP (Cisco Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.1000."}], "problemTypes": [{"descriptions": [{"description": "Multiple Memory Corruption Vulnerabilities in the CDP Implementation", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-09-23T12:35:21", "orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-alert@hpe.com", "ID": "CVE-2020-7122", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Aruba CX Switch Series 6200F, 6300, 6400, 8320, 8325, and 8400", "version": {"version_data": [{"version_value": "Firmware 10.04.1000 and below"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the CDP (Cisco Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.1000."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Multiple Memory Corruption Vulnerabilities in the CDP Implementation"}]}]}, "references": {"reference_data": [{"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt", "refsource": "MISC", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:18:03.070Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt"}]}]}, "cveMetadata": {"assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "assignerShortName": "hpe", "cveId": "CVE-2020-7122", "datePublished": "2020-09-23T12:35:21", "dateReserved": "2020-01-16T00:00:00", "dateUpdated": "2024-08-04T09:18:03.070Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:cx_6200f_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A132767A-E9B9-477E-BAAF-A831694F1FC4", "versionEndIncluding": "10.04.1000", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:cx_6200f:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CB3993F-B4A6-4016-AF0F-82A23FE34063", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:cx_6300_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "36CB053C-FA12-4065-BC40-FFE6E0B25B00", "versionEndIncluding": "10.04.1000", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:cx_6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "6C32F7E4-E184-4F76-8638-017DF29D2FFB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:cx_6400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "270EC51F-3CEC-45C1-9E0F-5D38EB550106", "versionEndIncluding": "10.04.1000", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:cx_6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "0A013EAE-387B-4C35-9D8F-E2200081E18E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:cx_8320_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CE87AAEE-644E-4699-B639-B4CE94D503A5", "versionEndIncluding": "10.04.1000", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:cx_8320:-:*:*:*:*:*:*:*", "matchCriteriaId": "7C93CD9C-1FD4-4E4A-9E3A-8FF19DE0D3AE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:cx_8325_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A5483EC-74BF-4C0D-A751-23C9ED42E29A", "versionEndIncluding": "10.04.1000", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:cx_8325:-:*:*:*:*:*:*:*", "matchCriteriaId": "9645D616-077B-4313-B5EF-155B642CB073", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:cx_8400_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2BFEE7A-D4CC-45BF-B277-8C9849A7F616", "versionEndIncluding": "10.04.1000", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:arubanetworks:cx_8400:-:*:*:*:*:*:*:*", "matchCriteriaId": "F4FB7A6B-69C5-45EF-BE61-23BCF5172836", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the CDP (Cisco Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.1000."}, {"lang": "es", "value": "Se han encontrado dos vulnerabilidades de corrupci\u00f3n de memoria en Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, y 8400. Una explotaci\u00f3n con \u00e9xito de estas vulnerabilidades podr\u00eda resultar en una Denegaci\u00f3n de Servicio Local del Proceso CDP (Cisco Discovery Protocol) en el switch. Esto aplica a las versiones de firmware anteriores a 10.04.1000"}], "id": "CVE-2020-7122", "lastModified": "2024-11-21T05:36:40.077", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-23T13:15:16.093", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}