CVE-2017-9003 Information

Description

Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort it is possible these vulnerabilities could lead to the ability to execute arbitrary code - remote code execution has not yet been confirmed.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Reference

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-006.txt http://www.securitytracker.com/id/1039580

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

HIGH

Base Severity

7.5