CVE-2019-5322

A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
hpeCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
arubanetworks5400r_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks5400r_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks5400r_firmware
16.10.0 ≤
𝑥
< 16.10.0003
arubanetworks3810_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks3810_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks3810_firmware
16.10.0 ≤
𝑥
< 16.10.0003
arubanetworks2920_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks2920_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks2920_firmware
16.10.0 ≤
𝑥
< 16.10.0003
arubanetworks2930_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks2930_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks2930_firmware
16.10.0 ≤
𝑥
< 16.10.0003
arubanetworks2530_with_gigt_port_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks2530_with_gigt_port_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks2530_with_gigt_port_firmware
16.10.0 ≤
𝑥
< 16.10.0003
arubanetworks2530_10\/100_port_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks2530_10\/100_port_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks2530_10\/100_port_firmware
16.10.0 ≤
𝑥
< 16.10.0003
arubanetworks2540_firmware
16.08.0 ≤
𝑥
< 16.08.0009
arubanetworks2540_firmware
16.09.0 ≤
𝑥
< 16.09.0007
arubanetworks2540_firmware
16.10.0 ≤
𝑥
< 16.10.0003
𝑥
= Vulnerable software versions
References
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-001.txt
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-001.txt