Vulnerability Details CVE-2019-5322
A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-5322
-
cpe:2.3:h:arubanetworks:2530_10/100_port:-
-
cpe:2.3:h:arubanetworks:2530_with_gigt_port:-
-
cpe:2.3:h:arubanetworks:2540:-
-
cpe:2.3:h:arubanetworks:2920:-
-
cpe:2.3:h:arubanetworks:2930:-
-
cpe:2.3:h:arubanetworks:3810:-
-
cpe:2.3:h:arubanetworks:5400r:-
-
cpe:2.3:o:arubanetworks:2530_10/100_port_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2530_10/100_port_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2530_10/100_port_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2530_with_gigt_port_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2540_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2540_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2540_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2920_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2920_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2920_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2930_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2930_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2930_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:3810_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:3810_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:3810_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:5400r_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:5400r_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:5400r_firmware:16.10.0