Skip to main content

Out-of-bounds Write


Severity High
Score 8.1/10


A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities.

  • HIGH
  • HIGH
  • NONE
  • NONE
  • HIGH
  • HIGH

CWE-787 - Out-of-Bounds Write

Out-of-bounds write vulnerability is a memory access bug that allows software to write data past the end or before the beginning of the intended buffer. This may result in the corruption of data, a crash, or arbitrary code execution.


Advisory Timeline

  • Published