-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aruba Product Security Advisory
===============================
Advisory ID: ARUBA-PSA-2021-014
CVE: CVE-2021-3156
Publication Date: 2021-Aug-03
Status: Confirmed
Severity: High
Revision: 1

Title
=====
Sudo Privilege Escalation Vulnerability in Analytics and Location Engine (ALE)

Overview
========
Aruba has released updates to Analytics and Location Engine (ALE) that
address a security vulnerability in the sudo utility.

Affected Products
=================
This vulnerability affects Analytics and Location Engine (ALE) running the
following versions:

  - ALE 2.1.0.* prior to 2.1.0.4
  - ALE 2.0.0.*

Details
=======
Sudo Privilege Escalation Vulnerability aka "Baron Samedit" (CVE-2021-3156)
---------------------------------------------------------------------
A heap-based buffer overflow in the command-line argument parsing code of
sudo (CVE-2021-3156) allows a local, unprivileged user to execute commands
or binaries with root privileges; the user does not need to be listed in
sudoers. ALE does not allow access to local shell commands during normal
operation, so the main impact of this vulnerability would be as part of a
"chained attack" in which an attacker has first achieved a foothold with
lower privileges via another vulnerability and then uses this flaw to
escalate to root.

Internal references: ATLWL-217
Severity: High
CVSSv3 Overall Score: 7.8
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Discovery: This vulnerability was discovered and published by the Qualys
Research Team.

Resolution
==========
The vulnerability contained in this advisory can be addressed by patching
or upgrading to one of the ALE versions listed below:

  - ALE 2.2.0.*: 2.2.0.0 and above
  - ALE 2.1.0.*: 2.1.0.4 and above

Workaround
==========
None.

Exploitation and Public Discussion
==================================
There is public discussion of the "Baron Samedit" vulnerability being
exploited on vulnerable systems that contain sudo. However, exploitation
requires a foothold as a lower-privileged local account on an affected
system, and Aruba has no known instances of this being used against ALE
specifically.

Revision History
================
Revision 1 / 2021-Aug-03 / Initial release

Aruba SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in Aruba
Networks products and obtaining assistance with security incidents is
available at:

  http://www.arubanetworks.com/support-services/security-bulletins/

For reporting *NEW* Aruba Networks security issues, email can be sent to
aruba-sirt(at)hpe.com. For sensitive information we encourage the use of
PGP encryption. Our public keys can be found at:

  http://www.arubanetworks.com/support-services/security-bulletins/

(c) Copyright 2021 by Aruba, a Hewlett Packard Enterprise company.
This advisory may be redistributed freely after the release date given at
the top of the text, provided that the redistributed copies are complete
and unmodified, including all data and version information.
-----BEGIN PGP SIGNATURE-----

iQFLBAEBCAA1FiEEMd5pP5EnbG7Y0fo5mP4JykWFhtkFAmD4jHwXHHNpcnRAYXJ1
YmFuZXR3b3Jrcy5jb20ACgkQmP4JykWFhtlADgf+IIr6uquEs+9/v5sifqZvfeB1
6QMvZCF85gmCLg8dguKm3tCRBFPJ6SDCEXe+hV5GnVNb2etJXxpBSWAyT5l043J1
IeN2hwZp1xMVK3FSywQZQ06xQbMEtGXJqVlqfKInt2qlghkORv/sxWQvrpNlCe8V
KQ2zgjjSKz/j3ejGsX2Nqw914Qx/FbFbGNELM78+bA4UQ+azDEGOMMLYM3QYZX1j
Uj9zhH+bwiQikxndrcnlOeBf7OU3PB6n6ASYQJUshue8DU0qAfuauE58eM1aWXlk
io8/Q/jaSQSfcJljXSwJm5tBv1lnoETOJqVO0Z9kQ5cuCjiR0nxKq5obXrXMBQ==
=OKnr
-----END PGP SIGNATURE-----
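The two checks a practitioner would want alongside the Affected Products and Resolution sections of the advisory above, as an added example that is not part of Aruba's advisory or of ALE itself: a version test that applies the advisory's own affected and fixed ranges to an ALE version string, and the behavioural "sudoedit -s /" test that Qualys published with the original CVE-2021-3156 disclosure, usable on any Linux host where a shell is available (ALE does not normally expose one). The function names are my own choices, and the version strings in the demo loop are constructed samples, not real ALE builds.

```shell
#!/bin/sh
# Added example (not Aruba's code): apply the ARUBA-PSA-2021-014 version
# ranges to an ALE version string, plus the Qualys "sudoedit -s /" check for
# CVE-2021-3156. Function names are the author's own choices.

# vercmp A B: print -1, 0 or 1 for A < B, A = B, A > B on dotted numeric
# versions. Missing trailing components count as 0, so 2.1.0 equals 2.1.0.0.
vercmp() {
    vc_a=$1; vc_b=$2
    while [ -n "$vc_a" ] || [ -n "$vc_b" ]; do
        vc_ai=${vc_a%%.*}; vc_bi=${vc_b%%.*}
        # drop the component just read (empty string once none are left)
        case $vc_a in *.*) vc_a=${vc_a#*.} ;; *) vc_a= ;; esac
        case $vc_b in *.*) vc_b=${vc_b#*.} ;; *) vc_b= ;; esac
        if [ "${vc_ai:-0}" -lt "${vc_bi:-0}" ]; then printf '%s\n' -1; return; fi
        if [ "${vc_ai:-0}" -gt "${vc_bi:-0}" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# ale_affected VERSION: exit 0 when the advisory lists VERSION as affected,
# 1 when it is a fixed release, 2 when the advisory does not cover that train.
#   affected: ALE 2.0.0.* ; ALE 2.1.0.* prior to 2.1.0.4
#   fixed:    ALE 2.1.0.4 and above ; ALE 2.2.0.0 and above
ale_affected() {
    case $1 in
        2.0.0.*) return 0 ;;
        2.1.0.*) [ "$(vercmp "$1" 2.1.0.4)" -lt 0 ] && return 0; return 1 ;;
        2.2.0.*) return 1 ;;
        *)       return 2 ;;
    esac
}

# sudo_baron_samedit_check: behavioural test from the Qualys advisory. A
# vulnerable sudo lets sudoedit accept the -s flag and answers
# "sudoedit: /: not a regular file"; a fixed build rejects -s with a usage
# message. Exit 0 = vulnerable, 1 = not vulnerable, 2 = sudoedit missing.
# Needs no sudo privileges and no password; only useful on hosts that
# expose a shell, which ALE does not during normal operation.
sudo_baron_samedit_check() {
    command -v sudoedit >/dev/null 2>&1 || return 2
    case $(sudoedit -s / 2>&1) in
        *"not a regular file"*) return 0 ;;
        *)                      return 1 ;;
    esac
}

# Demo on constructed sample version strings (not real ALE builds).
for ale_v in 2.0.0.1 2.1.0.3 2.1.0.4 2.2.0.0 3.0.0.0; do
    ale_rc=0; ale_affected "$ale_v" || ale_rc=$?
    case $ale_rc in
        0) printf '%s: AFFECTED - upgrade per ARUBA-PSA-2021-014\n' "$ale_v" ;;
        1) printf '%s: fixed release\n' "$ale_v" ;;
        *) printf '%s: not covered by ARUBA-PSA-2021-014\n' "$ale_v" ;;
    esac
done
```

The version check deliberately returns a distinct "not covered" status for trains the advisory does not mention rather than guessing; the sudoedit test is the one to run on a general-purpose Linux host after the upgrade to confirm the shipped sudo is actually fixed, and it is safe to run as an unprivileged user because the error is returned before any authentication happens.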