CVE-2017-9003
HIGHArubaOS - Memory Corruption and Possible Remote Code Execution
Title source: llmDescription
Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1039580
Scores
CVSS v3
7.5
EPSS
0.0238
EPSS Percentile
85.2%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-119
Status
published
Products (1)
hpe/arubaos
Published
Aug 06, 2018
Tracked Since
Feb 18, 2026