CVE-2019-5321

moderate-risk
Published 2020-08-26

Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, 16.10.* before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI.

Do I need to act?

-
0.45% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (6)

5400R Firmware
3810 Firmware
2920 Firmware
2930 Firmware
2530 Firmware
2540 Firmware

Affected Vendors

Arubanetworks

References (2)

Vendor Advisory https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-007.txt
Vendor Advisory https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-007.txt
45
/ 100
moderate-risk
Severity 30/34 · Critical
Exploitability 2/34 · Minimal
Exposure 13/34 · Low