{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.first.org/cvss/v3-1/specification-document",
      "text": "N/A"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "summary",
        "text": "HPE Aruba Networking has released a software update for the HPE Aruba Networking Management Software (AirWave) that addresses multiple security vulnerabilities.",
        "title": "Summary"
      },
      {
        "category": "general",
        "text": "HPE Aruba Networking Management Software (AirWave)  \n  - 8.3.0.4 and below ",
        "title": "Affected Products"
      },
      {
        "category": "general",
        "text": "All other HPE Aruba Networking products and software versions not explicitly listed above are not affected by the vulnerabilities described in the Details section below.",
        "title": "Unaffected Products"
      },
      {
        "category": "other",
        "text": "Except for the Rsync vulnerabilities (CVE-2024-12084, CVE-2024-12085, CVE-2024-12086, CVE-2024-12087, CVE-2024-12088, CVE-2024-12747), which have already been publicly disclosed through the VINCE CERT Coordination Center, HPE Aruba Networking is not aware of any public discussion or exploit code targeting the vulnerabilities described in this advisory. Additionally, as of the advisory's release date, HPE Aruba Networking has no evidence of tools or techniques actively exploiting these vulnerabilities in HPE Aruba Networking Management Software (AirWave) or in any other HPE Aruba Networking products.\n\nMore information can be found at: https://www.kb.cert.org/vuls/id/952657",
        "title": "Exploitation and Public Discussion"
      },
      {
        "category": "general",
        "text": "Complete information on reporting security vulnerabilities in HPE Aruba Networking products and obtaining assistance with security incidents is available at: https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us. \n\nFor reporting **NEW** HPE Aruba Networking security issues, email can be sent to aruba-product-sirt(at)hpe.com. For sensitive information we encourage the use of PGP encryption. Our public key can be found at: https://www.hpe.com/info/psrt-pgp-key",
        "title": "Aruba SIRT Security Procedures"
      },
      {
        "category": "legal_disclaimer",
        "text": "(c) Copyright 2025 by Hewlett Packard Enterprise Development LP. This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.",
        "title": "Legal Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "Email: aruba-product-sirt@hpe.com - For further details please see https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us",
      "issuing_authority": "HPE Aruba Networking’s Security Incident Response Team (SIRT) is responsible for receiving, tracking, managing, and disclosing vulnerabilities in HPE Aruba Networking products. \nThe HPE Aruba Networking SIRT actively works with industry, non-profit and government organizations, and the security community when vulnerabilities are reported. \nA security vulnerability is defined as any weakness in a product that allows an attacker to compromise the confidentiality, integrity, or availability of a product, customer infrastructure, or IT system through an HPE Aruba Networking product in that environment.",
      "name": "HPE Aruba Networking",
      "namespace": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us"
    },
    "references": [
      {
        "summary": "Original Advisory",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04971en_us&docLocale=en_US"
      },
      {
        "summary": "HPE Aruba Networking Security Advisory Archive",
        "url": "https://csaf.arubanetworks.com/"
      },
      {
        "summary": "HPE Aruba Networking Product Security Incident Response Policy",
        "url": "https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us"
      }
    ],
    "title": "HPE Aruba Networking Management Software (AirWave), Multiple Vulnerabilities",
    "tracking": {
      "current_release_date": "2025-11-18T17:00:00.000Z",
      "generator": {
        "date": "2025-11-17T23:56:04.501Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.39"
        }
      },
      "id": "HPESBNW04971",
      "initial_release_date": "2025-11-18T17:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-11-18T17:00:00.000Z",
          "number": "1",
          "summary": "Initial release"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "Airwave 8.3.0.5",
                "product": {
                  "name": "Airwave",
                  "product_id": "8.3.0.5",
                  "product_identification_helper": {
                    "model_numbers": [
                      "HPE Aruba Networking Management Software (Airwave)"
                    ]
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "vers:semver/>=8.3.0.0|<=8.3.0.4",
                "product": {
                  "name": "Airwave",
                  "product_id": ">=8.3.0.0|<=8.3.0.4",
                  "product_identification_helper": {
                    "model_numbers": [
                      "HPE Aruba Networking Management Software (Airwave)"
                    ]
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "HPE Aruba Networking Management Software (Airwave)"
          }
        ],
        "category": "vendor",
        "name": "HPE Aruba Networking"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Michael 'Smolli' Smolinski "
          ]
        }
      ],
      "cve": "CVE-2025-37163",
      "notes": [
        {
          "category": "details",
          "text": "A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-205",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "None.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 7.2,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "temporalScore": 7.2,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Authenticated Command Injection Vulnerability in HPE Aruba Networking Management Software (AirWave) CLI"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Scannel",
            "Pedro Gallegos",
            "Josiel Spelman"
          ],
          "organization": "Google Cloud Vulnerability Research."
        }
      ],
      "cve": "CVE-2024-12084",
      "notes": [
        {
          "category": "details",
          "text": "Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-204",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure "
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Scannel",
            "Pedro Gallegos",
            "Josiel Spelman"
          ],
          "organization": "Google Cloud Vulnerability Research."
        }
      ],
      "cve": "CVE-2024-12085",
      "notes": [
        {
          "category": "details",
          "text": "Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-204",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure "
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Scannel",
            "Pedro Gallegos",
            "Josiel Spelman"
          ],
          "organization": "Google Cloud Vulnerability Research."
        }
      ],
      "cve": "CVE-2024-12086",
      "notes": [
        {
          "category": "details",
          "text": "Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-204",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure "
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Scannel",
            "Pedro Gallegos",
            "Josiel Spelman"
          ],
          "organization": "Google Cloud Vulnerability Research."
        }
      ],
      "cve": "CVE-2024-12087",
      "notes": [
        {
          "category": "details",
          "text": "Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-204",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure "
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Simon Scannel",
            "Pedro Gallegos",
            "Josiel Spelman"
          ],
          "organization": "Google Cloud Vulnerability Research."
        }
      ],
      "cve": "CVE-2024-12088",
      "notes": [
        {
          "category": "details",
          "text": "Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-204",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure "
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Aleksei Gorban"
          ]
        }
      ],
      "cve": "CVE-2024-12747",
      "notes": [
        {
          "category": "details",
          "text": "Rsync, a versatile file-synchronizing tool, contains six vulnerabilities present within versions 3.3.0 and below. Rsync can be used to sync files between remote and local computers, as well as storage devices. The discovered vulnerabilities include heap-buffer overflow, information leak, file leak, external directory file-write, safe-links bypass, and symbolic-link race condition.",
          "title": "Details"
        },
        {
          "category": "other",
          "text": "ATLAW-204",
          "title": "Internal Reference"
        }
      ],
      "product_status": {
        "fixed": [
          "8.3.0.5"
        ],
        "known_affected": [
          ">=8.3.0.0|<=8.3.0.4"
        ]
      },
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "Upgrade the HPE Aruba Networking Management Software (AirWave) to the version listed below to resolve the vulnerabilities described in the Details section above:\n  - Airwave 8.3.0.5 and above\n\nThe software version containing fixes for the vulnerabilities described above is available for download from the HPE Networking Support Portal: https://networkingsupport.hpe.com/home/  ",
          "product_ids": [
            "8.3.0.5"
          ],
          "url": "https://networkingsupport.hpe.com/globalsearch#tab=Software"
        },
        {
          "category": "workaround",
          "date": "2025-11-18T17:00:00.000Z",
          "details": "To minimize the likelihood of an attacker exploiting this vulnerability, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above, along with accounting controls for tracking and logging user activities and resource usage.",
          "product_ids": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 6.7,
            "environmentalSeverity": "MEDIUM",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 6.7,
            "temporalSeverity": "MEDIUM",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            ">=8.3.0.0|<=8.3.0.4"
          ]
        }
      ],
      "title": "Multiple Vulnerabilities in Rsync Daemon allow for Remote Code Execution, Directory Traversal, and Sensitive Information Disclosure "
    }
  ]
}