HPE Aruba Networking Product Security Advisory
==============================================

Advisory ID: HPESBNW04765
CVE: CVE-2024-54008, CVE-2022-25844
Publication Date: 2024-Dec-10
Status: Confirmed
Severity: High
Revision: 1

Title
=====

HPE Aruba Networking AirWave Management Platform, Multiple Vulnerabilities

Overview
========

HPE Aruba Networking has released a software update for the AirWave Management Platform that addresses multiple security vulnerabilities.

Affected Products
=================

HPE Aruba Networking AirWave Management Platform - 8.3.0.3 and below

Unaffected Products
===================

Any other supported HPE Aruba Networking products not specifically listed above are not affected by these vulnerabilities.

Details
=======

Authenticated Remote Code Execution (RCE) in AirWave Management Platform CLI (CVE-2024-54008)
---------------------------------------------------------------------

An authenticated RCE vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary commands as a privileged user on the underlying host.
Internal References: ATLAW-203
Severity: High
CVSSv3.x Overall Score: 7.2
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Discovery: This vulnerability was discovered by super2233

Regular Expression Denial of Service (ReDoS) (CVE-2022-25844)
---------------------------------------------------------------------

The angular package after 1.7.0 is vulnerable to Regular Expression Denial of Service (ReDoS): a custom locale rule can assign a very long value (for example, the result of ' '.repeat() with a very high count) to the posPre parameter of NUMBER_FORMATS.PATTERNS[1].

Internal References: ATLAW-198
Severity: Medium
CVSSv3.x Overall Score: 5.3
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Discovery: (Snyk)

Resolution
==========

To resolve the vulnerabilities described above, it is recommended to upgrade the software to the following version:

HPE Aruba Networking AirWave Management Platform - 8.3.0.4 and above

Workaround
==========

To minimize the likelihood of an attacker exploiting these vulnerabilities, HPE Aruba Networking recommends that the CLI and web-based management interfaces be restricted to a dedicated layer 2 segment/VLAN and/or controlled by firewall policies at layer 3 and above.

Exploitation and Public Discussion
==================================

The CVE-2022-25844 vulnerability has been widely discussed in public. HPE Aruba Networking is not aware of any exploitation tools or techniques that specifically target HPE Aruba Networking products.

Revision History
================

Revision 1 / 2024-Dec-10 / Initial release

HPE Aruba Networking SIRT Security Procedures
=============================================

Complete information on reporting security vulnerabilities in HPE Aruba Networking products and obtaining assistance with security incidents is available at:

https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=a00100637en_us

For reporting *NEW* HPE Aruba Networking security issues, email can be sent to aruba-sirt(at)hpe.com.
For sensitive information we encourage the use of PGP encryption. Our public key can be found at:

https://www.hpe.com/info/psrt-pgp-key

(c) Copyright 2024 by Hewlett Packard Enterprise Development LP.

This advisory may be redistributed freely after the release date given at the top of the text, provided that the redistributed copies are complete and unmodified, including all data and version information.
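As an added defensive example (not part of the advisory, nor code from AngularJS or HPE), the check below inspects a custom $locale NUMBER_FORMATS object before it is applied to the application, so that the oversized posPre affix described under CVE-2022-25844 in the Details section is rejected up front. The field names assume the AngularJS $locale shape; the 32-character affix cap, the 0..64 integer range and the sample locale objects are constructed for this example.

```javascript
// Added example: guard for custom $locale.NUMBER_FORMATS objects.
// Assumed field names follow the AngularJS $locale shape (posPre, posSuf,
// negPre, negSuf, minInt, minFrac, maxFrac, gSize, lgSize). The caps below
// are policy values chosen for this example, not values from the advisory.
const MAX_AFFIX_LENGTH = 32;
const MAX_INT_FIELD = 64;
const AFFIX_FIELDS = ['posPre', 'posSuf', 'negPre', 'negSuf'];
const INT_FIELDS = ['minInt', 'minFrac', 'maxFrac', 'gSize', 'lgSize'];

// Returns a list of human-readable findings; an empty list means the
// locale rule is within bounds and can be handed to the formatter.
function validateNumberFormats(numberFormats) {
  const findings = [];
  if (!numberFormats || !Array.isArray(numberFormats.PATTERNS)) {
    return ['NUMBER_FORMATS.PATTERNS is missing or not an array'];
  }
  numberFormats.PATTERNS.forEach((pattern, i) => {
    for (const f of AFFIX_FIELDS) {
      const v = pattern[f];
      if (typeof v !== 'string') {
        findings.push(`PATTERNS[${i}].${f} is not a string`);
      } else if (v.length > MAX_AFFIX_LENGTH) {
        findings.push(`PATTERNS[${i}].${f} is ${v.length} chars (max ${MAX_AFFIX_LENGTH})`);
      }
    }
    for (const f of INT_FIELDS) {
      const v = pattern[f];
      if (!Number.isInteger(v) || v < 0 || v > MAX_INT_FIELD) {
        findings.push(`PATTERNS[${i}].${f} is not an integer in 0..${MAX_INT_FIELD}`);
      }
    }
  });
  return findings;
}

// Constructed sample: a benign decimal/currency locale rule, and a copy in
// which PATTERNS[1].posPre has been inflated with a very long string, the
// condition the advisory describes.
const benignLocale = { PATTERNS: [
  { minInt: 1, minFrac: 0, maxFrac: 3, posPre: '', posSuf: '', negPre: '-', negSuf: '', gSize: 3, lgSize: 3 },
  { minInt: 1, minFrac: 2, maxFrac: 2, posPre: '\u00a4', posSuf: '', negPre: '-\u00a4', negSuf: '', gSize: 3, lgSize: 3 },
]};
const inflatedLocale = JSON.parse(JSON.stringify(benignLocale));
inflatedLocale.PATTERNS[1].posPre = ' '.repeat(100000);

console.log(validateNumberFormats(benignLocale));   // []
console.log(validateNumberFormats(inflatedLocale)); // one posPre finding
```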