Everything Instant On

 View Only

Aruba Instant On :: 1930 Switch - Security Advisory

  • 1.  Aruba Instant On :: 1930 Switch - Security Advisory

    Posted 04-06-2022 01:55 PM
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA256

    Aruba Product Security Advisory
    ===============================
    Advisory ID: ARUBA-PSA-2022-005
    CVE: CVE-2021-41004, CVE-2021-41005
    Publication Date: 2022-Apr-05
    Status: Confirmed
    Severity: High
    Revision: 1


    Title
    =====
    Aruba Instant On Switch Denial of Service Vulnerabilities


    Overview
    ========
    Aruba has discovered two Denial of Service vulnerabilities in Aruba Instant
    On 1930 Switches. CVE-2021-41005 requires authentication to be exploited and
    CVE-2021-41004 can be exploited without supplying any authentication
    information.


    Affected Products
    =================
    -- Aruba Instant On 1930 switches firmware versions 1.0.7.0 and below when
    managed through the local web interface.


    Unaffected Products
    ===================
    -- All other Aruba Switches and all Aruba Access Points
    -- Instant On 1930 Switches when managed through cloud-based mobile app and
    web portal.


    Details
    =======
    Two Denial of Service vulnerabilities were discovered in Aruba Instant On 1930
    Switches. These vulnerabilities can be exploited to cause the switch to reboot.
    CVE-2021-41004 does not require authentication credentials to exploit the
    Denial of Service condition. CVE-2021-41005 requires authentication in order to
    be successfully exploited.

    These vulnerabilities only impact locally managed switches. Cloud managed switches
    are not impacted by these vulnerabilities.

    Unauthenticated Denial of Service: (CVE-2021-41004)
    Internal references: ASIRT-881
    Severity: High
    CVSSv3 Overall Score: 7.5
    CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

    Authenticated Denial of Service: (CVE-2021-41005)
    Internal references: ASIRT-882
    Severity: Medium
    CVSSv3 Overall Score: 6.5
    CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H


    Resolution
    ==========
    Upgrading to version 2.5.0.42 or above addresses both of these vulnerabilities.
    Firmware can be manually updated with the download from here:
    https://community.arubaInstantOn.com/browse/blogs/blogviewer?blogkey=8aac4e14-50d9-4991-8c72-602a4d87768d


    Exploitation and Public Discussion
    ==================================
    Aruba is not aware of any public proof of concept code.


    Workaround and Mitigations
    ==========================
    To further minimize the likelihood of an attacker exploiting these vulnerabilities,
    Aruba recommends that the web-based management interface for Aruba Instant On
    switches be restricted to a dedicated layer 2 segment/VLAN and/or controlled by
    firewall policies at layer 3 and above.


    Discovery
    =========
    These vulnerabilities were discovered by Nicholas Starke of Aruba Threat Labs.


    Revision History
    ================
    Revision 1 / 2022-Apr-05 / Initial release


    Aruba SIRT Security Procedures
    ==============================
    To receive Security Advisory updates, subscribe to notifications at
    https://sirt.arubanetworks.com/mailman/listinfo/security-alerts_sirt.arubanetworks.com

    Complete information on reporting security vulnerabilities in
    Aruba Networks products and obtaining assistance with security
    incidents is available at:

    https://www.arubanetworks.com/support-services/security-bulletins/


    For reporting *NEW* Aruba Networks security issues, email can
    be sent to aruba-sirt(at)hpe.com. For sensitive information we
    encourage the use of PGP encryption. Our public keys can be found
    at:

    https://www.arubanetworks.com/support-services/security-bulletins/


    (c) Copyright 2022 by Aruba, a Hewlett Packard Enterprise
    company. This advisory may be redistributed freely after the
    release date given at the top of the text, provided that the
    redistributed copies are complete and unmodified, including all
    data and version information.
    -----BEGIN PGP SIGNATURE-----

    iQEzBAEBCAAdFiEEMd5pP5EnbG7Y0fo5mP4JykWFhtkFAmJEV64ACgkQmP4JykWF
    htkZ+wf9FVgK2et0k0a1GFERnmREPQN6Y1/y3yICcM5HapG9CoXNPLEX9iVUgzXr
    OghdVqKYvmvOhdTYQc7niYg7iwknintrM+JRvuW7xaxnR22FvcMxaE4TIp9apobU
    4v1/SStZ3Z5lGcsV5dzWflN0GSOtKisOPlHtyy3oYhkYLfudhIIA8zT21z+8omY0
    CCtVxqfUeueF/TXsJBkqZg2gZDrs/EJdbNjLYPMztXgmhUV8MTkE/LszXdZDfWVA
    VxerR/FaxW0yTH+qVvYSdoWBYPG8s8FcDi4pr0VappPJBtdA1KzwMMOdlwQEEX0z
    1rO9+m8ROR23aFPnpfAn1G5DhtT7Vg==
    =Sy0k
    -----END PGP SIGNATURE-----

    ------------------------------
    Aruba Instant On Communications
    ------------------------------