A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated malicious user to fingerprint the exact version AOS-CX running on the switch. This allows an malicious user to retrieve information which could be used to more precisely target the switch for further exploitation in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arubanetworks aos-cx |