PT-2020-6953 · Aruba · Aruba Cx Switches Series
Published
2020-09-15
·
Updated
2023-12-28
·
CVE-2020-7121
CVSS v2.0
7.8
High
| Vector | AV:N/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Aruba CX Switches Series versions prior to 10.04.3021
Description
The issue is related to memory corruption vulnerabilities, specifically a buffer overflow, in the Aruba CX Switches Series. Successful exploitation could result in a Local Denial of Service of the LLDP (Link Layer Discovery Protocol) process in the switch.
Recommendations
For versions prior to 10.04.3021, update the firmware to version 10.04.3021 or later to resolve the issue. As a temporary workaround, consider restricting access to the LLDP process to minimize the risk of exploitation.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aruba Cx Switches Series