CVE-2018-7080
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2018-7080
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多款Aruba产品安全特征问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Aruba AP-3xx等都是美国安移通网络(Aruba Networks)公司的无线访问接入点设备。embedded BLE radios是其中的一个嵌入式无线电台。 多款Aruba产品中的嵌入式BLE radios的固件存在安全漏洞。远程攻击者可利用该漏洞将恶意的固件安装到BLE radio中,进而获取AP控制台端口的访问权限。以下产品和版本和受到影响:Aruba AP-3xx;IAP-3xx;AP-203R;AP-203RP;ArubaOS 6.4.4.20之前的6.4.4.x版本,6.5.3.9之
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Hewlett Packard Enterprise | Aruba Access Points | AP-3xx and IAP-3xx series access points, AP-203R, AP-203RP, ArubaOS 6.4.4.x prior to 6.4.4.20, ArubaOS 6.5.3.x prior to 6.5.3.9, ArubaOS 6.5.4.x prior to 6.5.4.9, ArubaOS 8.x prior to 8.2.2.2, ArubaOS 8.3.x prior to 8.3.0.4 | - |
II. Public POCs for CVE-2018-7080
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2018-7080
请登录查看更多情报信息。
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-006.txtx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2018-7080
Same Patch Batch · Hewlett Packard Enterprise · 2018-12-07 · 6 CVEs total
| CVE-2018-7063 | Aruba ClearPass 安全漏洞 | |
| CVE-2018-7065 | Aruba ClearPass Policy Manager SQL注入漏洞 | |
| CVE-2018-7066 | Aruba ClearPass Policy Manager 安全漏洞 | |
| CVE-2018-7067 | Aruba ClearPass Policy Manager 安全漏洞 | |
| CVE-2018-7079 | Aruba ClearPass Policy Manager 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: Hewlett Packard Enterprise
V. Comments for CVE-2018-7080
No comments yet