Memory Corruption Vulnerabilities in Aruba CX Switches
CVE-2020-7121

7.5HIGH

Key Information:

Vendor: Aruba
Status: Aruba Cx Switch Series 6200f, 6300, 6400, 8320, 8325, And 8400
Vendor: CVE Published:; 23 September 2020

What is CVE-2020-7121?

Aruba CX Switches, specifically the 6200F, 6300, 6400, 8320, 8325, and 8400 models, are impacted by two memory corruption vulnerabilities. These vulnerabilities can be exploited to induce a local denial of service affecting the LLDP (Link Layer Discovery Protocol) process within the switch. This issue is pertinent to firmware versions prior to 10.04.3021, making it crucial for users to upgrade their firmware to mitigate potential exploitation risks.

Affected Version(s)

Aruba CX Switch Series 6200F, 6300, 6400, 8320, 8325, and 8400 Firmware 10.04.3021 and below

References

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 23, 2020
Vulnerability Reserved
Jan 16, 2020

CVE-2020-7121 Data

JSON