CVE-2020-7131

Name of the Vulnerable Software and Affected Versions Blade Maintenance Entity versions J06.19.00 through J06.23.01 Integrated Maintenance Entity versions J06.19.00 through J06.23.01 Maintenance Entity (affected versions not specified) J/H-series NonStop systems (affected versions not specified)

Description The vulnerability is associated with an open UDP port 17185 on the Maintenance LAN, which could result in information disclosure, denial-of-service attacks, or local memory corruption against the affected system. A complete control of the system may also be possible if an attacker gains access to the Maintenance LAN.

Recommendations For Blade Maintenance Entity versions J06.19.00 through J06.23.01, install SPR T4805A01^AAZ. For Integrated Maintenance Entity versions J06.19.00 through J06.23.01, install SPR T1805A01^AAI. For Maintenance Entity and J/H-series NonStop systems, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider blocking the UDP port 17185 in the Maintenance LAN Network Switch/Firewall to minimize the risk of exploitation.