CVE-2019-5322
First published: Wed Feb 12 2020(Updated: )
A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Aruba Networks 5400R Firmware | >=16.08.0<16.08.0009 | |
| Aruba Networks 5400R Firmware | >=16.09.0<16.09.0007 | |
| Aruba Networks 5400R Firmware | >=16.10.0<16.10.0003 | |
| Aruba Networks 5400R Firmware | ||
| Aruba 3810M Firmware | >=16.08.0<16.08.0009 | |
| Aruba 3810M Firmware | >=16.09.0<16.09.0007 | |
| Aruba 3810M Firmware | >=16.10.0<16.10.0003 | |
| Aruba 3810 Firmware | ||
| Aruba 2920 Firmware | >=16.08.0<16.08.0009 | |
| Aruba 2920 Firmware | >=16.09.0<16.09.0007 | |
| Aruba 2920 Firmware | >=16.10.0<16.10.0003 | |
| Aruba 2920 | ||
| Aruba Networks 2930 Firmware | >=16.08.0<16.08.0009 | |
| Aruba Networks 2930 Firmware | >=16.09.0<16.09.0007 | |
| Aruba Networks 2930 Firmware | >=16.10.0<16.10.0003 | |
| Aruba Networks 2930 | ||
| Aruba Networks 2530 with GigT port firmware | >=16.08.0<16.08.0009 | |
| Aruba Networks 2530 with GigT port firmware | >=16.09.0<16.09.0007 | |
| Aruba Networks 2530 with GigT port firmware | >=16.10.0<16.10.0003 | |
| Aruba Networks 2530 with GigT port firmware | ||
| Aruba Networks 2530 10/100 Port Firmware | >=16.08.0<16.08.0009 | |
| Aruba Networks 2530 10/100 Port Firmware | >=16.09.0<16.09.0007 | |
| Aruba Networks 2530 10/100 Port Firmware | >=16.10.0<16.10.0003 | |
| Aruba Networks 2530 10/100 Port | ||
| Aruba Networks 2540 Firmware | >=16.08.0<16.08.0009 | |
| Aruba Networks 2540 Firmware | >=16.09.0<16.09.0007 | |
| Aruba Networks 2540 Firmware | >=16.10.0<16.10.0003 | |
| Aruba Networks 2540 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-5322?
CVE-2019-5322 is classified as a remotely exploitable information disclosure vulnerability.
How do I fix CVE-2019-5322?
To fix CVE-2019-5322, upgrade to the patched firmware versions: 16.08.0009, 16.09.0007, or 16.10.0003.
Which Aruba Intelligent Edge Switch models are affected by CVE-2019-5322?
CVE-2019-5322 affects Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, and 2540.
What are the impacted firmware versions for CVE-2019-5322?
The impacted firmware versions for CVE-2019-5322 are firmware versions 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, and 16.10.* before 16.10.0003.
Is there a workaround for CVE-2019-5322?
There is no specific workaround for CVE-2019-5322, and upgrading the firmware is recommended.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/references
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/arubanetworks
- canonical/aruba networks 5400r firmware
- version/aruba networks 5400r firmware/16.08.0
- version/aruba networks 5400r firmware/16.09.0
- version/aruba networks 5400r firmware/16.10.0
- canonical/aruba 3810m firmware
- version/aruba 3810m firmware/16.08.0
- version/aruba 3810m firmware/16.09.0
- version/aruba 3810m firmware/16.10.0
- canonical/aruba 3810 firmware
- canonical/aruba 2920 firmware
- version/aruba 2920 firmware/16.08.0
- version/aruba 2920 firmware/16.09.0
- version/aruba 2920 firmware/16.10.0
- canonical/aruba 2920
- canonical/aruba networks 2930 firmware
- version/aruba networks 2930 firmware/16.08.0
- version/aruba networks 2930 firmware/16.09.0
- version/aruba networks 2930 firmware/16.10.0
- canonical/aruba networks 2930
- canonical/aruba networks 2530 with gigt port firmware
- version/aruba networks 2530 with gigt port firmware/16.08.0
- version/aruba networks 2530 with gigt port firmware/16.09.0
- version/aruba networks 2530 with gigt port firmware/16.10.0
- canonical/aruba networks 2530 10/100 port firmware
- version/aruba networks 2530 10/100 port firmware/16.08.0
- version/aruba networks 2530 10/100 port firmware/16.09.0
- version/aruba networks 2530 10/100 port firmware/16.10.0
- canonical/aruba networks 2530 10/100 port
- canonical/aruba networks 2540 firmware
- version/aruba networks 2540 firmware/16.08.0
- version/aruba networks 2540 firmware/16.09.0
- version/aruba networks 2540 firmware/16.10.0