{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3-1/specification-document",
      "text": "N/A"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "HPE Aruba Networking has released software updates for the 100 Series Cellular Bridge that address multiple security vulnerabilities.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "HPE Aruba Networking 100 Series Cellular Bridge version(s):  \n- AOS-10.7.1.x: 10.7.1.1 and below\n\nHPE Aruba Networking bridge software versions that are end of maintenance are affected by these vulnerabilities unless otherwise indicated.",
        "title": "Affected Products"
      },
      {
        "category": "general",
        "text": "Any other HPE Aruba Networking products and software versions not specifically listed above are not affected by these vulnerabilities.",
        "title": "Unaffected Products"
      },
      {
        "category": "other",
        "text": "HPE Aruba Networking is not aware of any public discussion or exploit code that targets the vulnerabilities listed as of the release date of this advisory.",
        "title": "Exploitation and Public Discussion"
      },
      {
        "category": "general",
        "text": "Complete information on reporting security vulnerabilities in HPE Aruba Networking products and obtaining assistance with security incidents is available at: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us. \n\nFor reporting **NEW** HPE Aruba Networking product security issues, email can be sent to aruba-product-sirt(at)hpe.com. For sensitive information we encourage the use of PGP encryption. Our public key can be found at: https://www.hpe.com/info/psrt-pgp-key",
        "title": "Aruba SIRT Security Procedures"
      },
      {
        "category": "legal_disclaimer",
        "text": "(c) Copyright 2025 by Hewlett Packard Enterprise Development LP. This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Email: aruba-product-sirt@hpe.com - For further details please see https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us",
      "issuing_authority": "HPE Aruba Networking’s Security Incident Response Team (SIRT) is responsible for receiving, tracking, managing, and disclosing vulnerabilities in HPE Aruba Networking products. The HPE Aruba Networking SIRT actively works with industry, non-profit and government organizations, and the security community when vulnerabilities are reported. \nA security vulnerability is defined as any weakness in a product that allows an attacker to compromise the confidentiality, integrity, or availability of a product, customer infrastructure, or IT system through an HPE Aruba Networking product in that environment.",
      "name": "HPE Aruba Networking",
      "namespace": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us"
    },
    "references": [
      {
        "summary": "Original Advisory",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04970en_us&docLocale=en_US"
      },
      {
        "summary": "HPE Aruba Networking Security Advisory Archive",
        "url": "https://csaf.arubanetworks.com/"
      },
      {
        "summary": "HPE Aruba Networking Product Security Incident Response Policy",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us"
      }
    ],
    "title": "HPE Aruba Networking 100 Series Cellular Bridge, Multiple Vulnerabilities",
    "tracking": {
      "current_release_date": "2025-11-18T17:00:00.000Z",
      "generator": {
        "date": "2025-11-18T00:48:36.673Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.39"
        }
      },
      "id": "HPESBNW04970",
      "initial_release_date": "2025-11-18T17:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-11-18T17:00:00.000Z",
          "number": "1",
          "summary": "Initial release"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "AOS 10.7.2.0",
                "product": {
                  "name": "AOS-10",
                  "product_id": "10.7.2.0",
                  "product_identification_helper": {
                    "model_numbers": [
                      "HPE Aruba Networking 100 Series Cellular Bridge"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/>=10.7.0.0|<=10.7.1.1",
                "product": {
                  "name": "AOS-10",
                  "product_id": ">=10.7.0.0|<=10.7.1.1",
                  "product_identification_helper": {
                    "model_numbers": [
                      "HPE Aruba Networking 100 Series Cellular Bridge"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "100 Series Cellular Bridge"
          }
        ],
        "category": "vendor",
        "name": "HPE Aruba Networking"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Nicholas Starke"
          ],
          "organization": "HPE Aruba Networking SIRT"
        }
      ],
      "cve": "CVE-2025-37161",
      "notes": [
        {
          "category": "details",
          "text": "A vulnerability in the web-based management interface of affected products could allow an unauthenticated remote attacker to cause a denial of service. Successful exploitation could allow an attacker to crash the system so that it cannot reboot without manual intervention, disrupting network operations.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLWL-555",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "10.7.2.0"
        ],
        "known_affected": [
          ">=10.7.0.0|<=10.7.1.1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To remediate the vulnerabilities described in the Details section above, upgrade the HPE Aruba Networking 100 Series Cellular Bridge firmware to the applicable version shown below:\n - AOS-10.7.2.0 and above.\n\nSoftware versions with resolution/fixes for the vulnerabilities covered above can be downloaded from the HPE Networking Support Portal at https://networkingsupport.hpe.com/home/. \n\nHPE Aruba Networking does not evaluate or patch software branches that have reached their End of Maintenance (EoM) milestone.\nFor more information about HPE Aruba Networking End of Life policy please visit: https://www.hpe.com/psnow/doc/a00143052enw",
          "product_ids": [
            "10.7.2.0"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting these vulnerabilities, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=10.7.0.0|<=10.7.1.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalScore": 7.5,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            ">=10.7.0.0|<=10.7.1.1"
          ]
        }
      ],
      "title": "Unauthenticated Remote Denial-of-Service (DoS) Vulnerability in Web Management Interface"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Nicholas Starke"
          ],
          "organization": "HPE Aruba Networking SIRT"
        }
      ],
      "cve": "CVE-2025-37162",
      "notes": [
        {
          "category": "details",
          "text": "A vulnerability in the command line interface of affected devices could allow an authenticated remote attacker to conduct a command injection attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLWL-551, ATLWL-554",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "10.7.2.0"
        ],
        "known_affected": [
          ">=10.7.0.0|<=10.7.1.1"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To remediate the vulnerabilities described in the Details section above, upgrade the HPE Aruba Networking 100 Series Cellular Bridge firmware to the applicable version shown below:\n - AOS-10.7.2.0 and above.\n\nSoftware versions with resolution/fixes for the vulnerabilities covered above can be downloaded from the HPE Networking Support Portal at https://networkingsupport.hpe.com/home/. \n\nHPE Aruba Networking does not evaluate or patch software branches that have reached their End of Maintenance (EoM) milestone. For more information about HPE Aruba Networking End of Life policy please visit: https://www.hpe.com/psnow/doc/a00143052enw",
          "product_ids": [
            "10.7.2.0"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting these vulnerabilities, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=10.7.0.0|<=10.7.1.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.5,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "temporalScore": 6.5,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=10.7.0.0|<=10.7.1.1"
          ]
        }
      ],
      "title": "Authenticated Command Injection Vulnerability Leading to Arbitrary Remote Command Execution"
    }
  ]
}