CVE-2022-37908
Summary
| CVE | CVE-2022-37908 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-12-12 13:15:00 UTC |
| Updated | 2023-11-07 03:49:00 UTC |
| Description | An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers. Successful exploitation can compromise the hardware chain of trust on the impacted controller. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Arubanetworks | 7005 | - | All | All | All |
| Hardware | Arubanetworks | 7008 | - | All | All | All |
| Hardware | Arubanetworks | 7010 | - | All | All | All |
| Hardware | Arubanetworks | 7024 | - | All | All | All |
| Hardware | Arubanetworks | 7030 | - | All | All | All |
| Hardware | Arubanetworks | 7205 | - | All | All | All |
| Hardware | Arubanetworks | 7210 | - | All | All | All |
| Hardware | Arubanetworks | 7220 | - | All | All | All |
| Hardware | Arubanetworks | 7240xm | - | All | All | All |
| Hardware | Arubanetworks | 7280 | - | All | All | All |
| Operating System | Arubanetworks | Arubaos | All | All | All | All |
| Application | Arubanetworks | Sd-wan | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt | MISC | www.arubanetworks.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 43986 Hewlett Packard Enterprise (HPE) ArubaOS Multiple Vulnerabilities (ARUBA-PSA-2022-016)