Security Advisories | 安移通网络科技(中国)有限公司 https://www.arubanetworks.com/zh-hans/ People move. Networks must follow. Tue, 26 Jul 2022 16:03:45 +0000 zh-CN hourly 1 Vulnerability in Aruba Virtual Intranet Access (VIA) https://www.arubanetworks.com/zh-hans/security-advisory/vulnerability-in-aruba-virtual-intranet-access-via/ Tue, 26 Jul 2022 16:03:45 +0000 https://www.arubanetworks.com/?post_type=security-advisory&p=1298530 Aruba has released an update to Aruba Virtual Intranet […]

The post Vulnerability in Aruba Virtual Intranet Access (VIA) first appeared on 安移通网络科技(中国)有限公司.]]>
Aruba has released an update to Aruba Virtual Intranet Access (VIA) that addresses a security vulnerability in the Aruba VIA client for the Microsoft Windows operating system. This vulnerability does not affect Aruba VIA clients for other operating systems.

The post Vulnerability in Aruba Virtual Intranet Access (VIA) first appeared on 安移通网络科技(中国)有限公司.]]>
Multiple Vulnerabilities in Expat XML processing library https://www.arubanetworks.com/zh-hans/security-advisory/multiple-vulnerabilities-in-expat-xml-processing-library/ Thu, 21 Jul 2022 15:37:26 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=1122903 Multiple CVEs have been disclosed that involve the faul […]

The post Multiple Vulnerabilities in Expat XML processing library first appeared on 安移通网络科技(中国)有限公司.]]>
Multiple CVEs have been disclosed that involve the faulty handling of XML input by the Expat application and library. These CVEs impact multiple Aruba products.

The post Multiple Vulnerabilities in Expat XML processing library first appeared on 安移通网络科技(中国)有限公司.]]>
Faulty OpenSSL Handling of Certificates Containing Elliptic Curve Public Keys Leading to Denial of Service https://www.arubanetworks.com/zh-hans/security-advisory/faulty-openssl-handling-of-certificates-containing-elliptic-curve-public-keys-leading-to-denial-of-service/ Thu, 21 Jul 2022 15:30:52 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=1121582 A CVE has been disclosed that involves the faulty handl […]

The post Faulty OpenSSL Handling of Certificates Containing Elliptic Curve Public Keys Leading to Denial of Service first appeared on 安移通网络科技(中国)有限公司.]]>
A CVE has been disclosed that involves the faulty handling of certain certificates by OpenSSL. This CVE impacts multiple Aruba products.

The post Faulty OpenSSL Handling of Certificates Containing Elliptic Curve Public Keys Leading to Denial of Service first appeared on 安移通网络科技(中国)有限公司.]]>
Heap Overflow Vulnerabilities Within ArubaOS-Switch Devices https://www.arubanetworks.com/zh-hans/security-advisory/heap-overflow-vulnerabilities-within-arubaos-switch-devices/ Tue, 21 Jun 2022 16:23:14 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=1121289 The Armis Research Team has discovered multiple heap ov […]

The post Heap Overflow Vulnerabilities Within ArubaOS-Switch Devices first appeared on 安移通网络科技(中国)有限公司.]]>
The Armis Research Team has discovered multiple heap overflow vulnerabilities with various networking vendors. ArubaOS-Switch devices are affected by these vulnerabilities in the affected versions. Exploitation of these vulnerabilities allow for attackers to execute arbitrary code on the affected device.

The post Heap Overflow Vulnerabilities Within ArubaOS-Switch Devices first appeared on 安移通网络科技(中国)有限公司.]]>
ClearPass Policy Manager Multiple Vulnerabilities https://www.arubanetworks.com/zh-hans/security-advisory/clearpass-policy-manager-multiple-vulnerabilities-15/ Wed, 04 May 2022 16:10:43 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=1121581 Aruba has released updates to ClearPass Policy Manager […]

The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
Aruba has released updates to ClearPass Policy Manager that address multiple security vulnerabilities.

The post ClearPass Policy Manager Multiple Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
AOS-CX Switches Multiple Vulnerabilities https://www.arubanetworks.com/zh-hans/security-advisory/aos-cx-switches-multiple-vulnerabilities/ Wed, 06 Apr 2022 18:00:36 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=342502 Aruba has released updates for wired switch products ru […]

The post AOS-CX Switches Multiple Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
Aruba has released updates for wired switch products running AOS-CX that address multiple security vulnerabilities.

The post AOS-CX Switches Multiple Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
Multiple CVEs involving Spring Cloud and Spring Framework https://www.arubanetworks.com/zh-hans/security-advisory/multiple-cves-involving-spring-cloud-and-spring-framework/ Wed, 06 Apr 2022 15:49:52 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=1117609 Three CVEs have been published about various vulnerabil […]

The post Multiple CVEs involving Spring Cloud and Spring Framework first appeared on 安移通网络科技(中国)有限公司.]]>
Three CVEs have been published about various vulnerabilities discovered in the Spring Framework and Spring Cloud.

The post Multiple CVEs involving Spring Cloud and Spring Framework first appeared on 安移通网络科技(中国)有限公司.]]>
Aruba Instant On Switch Denial of Service Vulnerabilities https://www.arubanetworks.com/zh-hans/security-advisory/aruba-instant-on-switch-denial-of-service-vulnerabilities/ Tue, 05 Apr 2022 16:36:56 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=1117193 Aruba has discovered two Denial of Service vulnerabilit […]

The post Aruba Instant On Switch Denial of Service Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
Aruba has discovered two Denial of Service vulnerabilities in Aruba Instant On 1930 Switches. CVE-2021-41005 requires authentication to be exploited and CVE-2021-41004 can be exploited without supplying any authentication information.

The post Aruba Instant On Switch Denial of Service Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
Local Privilege Escalation in polkit’s pkexec https://www.arubanetworks.com/zh-hans/security-advisory/local-privilege-escalation-in-polkits-pkexec/ Tue, 01 Feb 2022 18:24:25 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=339880 The Qualys Research Team has discovered a memory corrup […]

The post Local Privilege Escalation in polkit’s pkexec first appeared on 安移通网络科技(中国)有限公司.]]>
The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program installed in many major Linux distributions. Exploitation of this vulnerability allows for any unprivileged local user to gain full root privileges on the affected host.

The post Local Privilege Escalation in polkit’s pkexec first appeared on 安移通网络科技(中国)有限公司.]]>
9000 Series Gateways Multiple UEFI Vulnerabilities https://www.arubanetworks.com/zh-hans/security-advisory/9000-series-gateways-multiple-uefi-vulnerabilities/ Tue, 01 Feb 2022 18:22:26 +0000 https://stage-v2.arubanetworks.com/?post_type=security-advisory&p=339879 On February 1st, 2022, multiple vulnerabilities in the […]

The post 9000 Series Gateways Multiple UEFI Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>
On February 1st, 2022, multiple vulnerabilities in the UEFI implementation of Insyde H20 BIOS have been made public. Aruba 9000 Series Gateways are affected by these vulnerabilities.

The post 9000 Series Gateways Multiple UEFI Vulnerabilities first appeared on 安移通网络科技(中国)有限公司.]]>