cvelistv5 - cve-2018-7084

CVE-2018-7084 (GCVE-0-2018-7084)

Vulnerability from cvelistv5

Published

2019-05-10 17:14

Modified

2024-08-05 06:17

Severity ?

CWE

Unauthenticated command execution

Summary

A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.1

References

URL

Tags

	https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt	x_refsource_CONFIRM
	https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/108374	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	Aruba Instant (IAP)	Version: Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:17:17.528Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
          },
          {
            "name": "108374",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108374"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba Instant (IAP)",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
            }
          ]
        }
      ],
      "datePublic": "2019-02-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Unauthenticated command execution",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-05-20T15:06:02.000Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
        },
        {
          "name": "108374",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108374"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2018-7084",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba Instant (IAP)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba Instant 4.x prior to 6.4.4.8 - 4.2.4.12 Aruba Instant 6.5.x prior to 6.5.4.11 Aruba Instant 8.3.x prior to 8.3.0.6 Aruba Instant 8.4.x prior to 8.4.0.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.1"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Unauthenticated command execution"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt",
              "refsource": "CONFIRM",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
            },
            {
              "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf",
              "refsource": "CONFIRM",
              "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
            },
            {
              "name": "108374",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108374"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2018-7084",
    "datePublished": "2019-05-10T17:14:37.000Z",
    "dateReserved": "2018-02-15T00:00:00.000Z",
    "dateUpdated": "2024-08-05T06:17:17.528Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTFR-2019-AVI-207

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Siemens	N/A	SIMATIC HMI Comfort Outdoor Panels 7" & 15" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC HMI Comfort Panels 4" - 22" versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC (TIA Portal) versions antérieures à V15.1 Update 1
Siemens	N/A	SISHIP IPMS
Siemens	N/A	SIMATIC PCS 7
Siemens	N/A	LOGO! Soft Comfort
Siemens	N/A	LOGO!8 BM
Siemens	N/A	SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions antérieures à V15.1 Update 1
Siemens	N/A	SIMATIC WinCC V7.5 versions antérieures à V7.5 Upd3
Siemens	N/A	SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)
Siemens	N/A	SINAMICS PERFECT HARMONY GH180
Siemens	N/A	SISHIP IMAC
Siemens	N/A	SISHIP EMCS
Siemens	N/A	SIMATIC WinCC Runtime Advanced versions antérieures à V15.1 Update 1
Siemens	N/A	SCALANCE W1750D versions antérieures à V8.4.0.1
Siemens	N/A	SIMATIC WinCC Runtime Professional versions antérieures à V15.1 Update 1

References

Title

Publication Time

Tags

Bulletin de sécurité Siemens ssa-705517 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-865156 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-902727 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-606525 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-549547 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-697412 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-804486 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-102144 du 14 mai 2019	None	vendor-advisory
Bulletin de sécurité Siemens ssa-542701 du 14 mai 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "SIMATIC HMI Comfort Outdoor Panels 7\" \u0026 15\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Comfort Panels 4\" - 22\" versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC (TIA Portal) versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IPMS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC PCS 7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO! Soft Comfort",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "LOGO!8 BM",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI KTP Mobile Panels KTP400F,KTP700, KTP700F, KTP900 et KTP900F versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC V7.5 versions ant\u00e9rieures \u00e0 V7.5 Upd3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC HMI Classic Devices (TP/MP/OP/MPMobile Panel)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SINAMICS PERFECT HARMONY GH180",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP IMAC",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SISHIP EMCS",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Advanced versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SCALANCE W1750D versions ant\u00e9rieures \u00e0 V8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    },
    {
      "description": "SIMATIC WinCC Runtime Professional versions ant\u00e9rieures \u00e0 V15.1 Update 1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Siemens",
          "scada": true
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2019-10919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10919"
    },
    {
      "name": "CVE-2019-10920",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10920"
    },
    {
      "name": "CVE-2019-6572",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6572"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-3991",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3991"
    },
    {
      "name": "CVE-2019-10916",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10916"
    },
    {
      "name": "CVE-2018-3990",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3990"
    },
    {
      "name": "CVE-2018-3989",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-3989"
    },
    {
      "name": "CVE-2019-10922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10922"
    },
    {
      "name": "CVE-2019-10921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10921"
    },
    {
      "name": "CVE-2019-10924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10924"
    },
    {
      "name": "CVE-2019-10918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10918"
    },
    {
      "name": "CVE-2019-10917",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-10917"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2019-6578",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6578"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2019-6576",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6576"
    },
    {
      "name": "CVE-2019-6577",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6577"
    },
    {
      "name": "CVE-2019-6574",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-6574"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "initial_release_date": "2019-05-14T00:00:00",
  "last_revision_date": "2019-05-15T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-207",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-05-14T00:00:00.000000"
    },
    {
      "description": "Ajout de SCADA dans le titre.",
      "revision_date": "2019-05-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nSiemens. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Siemens",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-705517 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-705517.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-865156 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-865156.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-902727 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-902727.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-606525 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-606525.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-549547 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-549547.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-697412 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-697412.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-804486 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-804486.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-102144 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-102144.pdf"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Siemens ssa-542701 du 14 mai 2019",
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-542701.pdf"
    }
  ]
}

CERTFR-2019-AVI-083

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans Aruba Instant. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Aruba Instant 6.5.x versions antérieures à 6.5.4.11
N/A	N/A	Aruba Instant 8.3.x versions antérieures à 8.3.0.6
N/A	N/A	Aruba Instant 4.x versions antérieures à 4.2.4.12
N/A	N/A	Aruba Instant 8.4.x versions antérieures à 8.4.0.1

References

Title

Publication Time

Tags

Bulletin de sécurité Aruba ARUBA-PSA-2019-001 du 27 février 2019

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Aruba Instant 6.5.x versions ant\u00e9rieures \u00e0 6.5.4.11",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.3.x versions ant\u00e9rieures \u00e0 8.3.0.6",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 4.x versions ant\u00e9rieures \u00e0 4.2.4.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "Aruba Instant 8.4.x versions ant\u00e9rieures \u00e0 8.4.0.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-7083",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7083"
    },
    {
      "name": "CVE-2018-16417",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-16417"
    },
    {
      "name": "CVE-2018-7064",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7064"
    },
    {
      "name": "CVE-2018-7084",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7084"
    },
    {
      "name": "CVE-2018-7082",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-7082"
    }
  ],
  "initial_release_date": "2019-02-28T00:00:00",
  "last_revision_date": "2019-02-28T00:00:00",
  "links": [],
  "reference": "CERTFR-2019-AVI-083",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-02-28T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Injection de code indirecte \u00e0 distance (XSS)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Aruba Instant.\nElles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et\nune injection de code indirecte \u00e0 distance (XSS).\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Aruba Instant",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Aruba ARUBA-PSA-2019-001 du 27 f\u00e9vrier 2019",
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2019-001.txt"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-7084 (GCVE-0-2018-7084)

Vulnerability from cvelistv5

CERTFR-2019-AVI-207

Vulnerability from certfr_avis

Solution

CERTFR-2019-AVI-083

Vulnerability from certfr_avis

Solution

Tags

Sightings

Nomenclature