CVE-2020-7121
First published: Wed Sep 23 2020(Updated: )
Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the LLDP (Link Layer Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.3021.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Aruba Networks CX 6200F Firmware | <=10.04.3021 | |
| Aruba CX 6200F | ||
| All of | ||
| Aruba Networks CX 6300 | <=10.04.3021 | |
| Aruba Networks CX 6300 | ||
| All of | ||
| Aruba CX 6400 firmware | <=10.04.3021 | |
| Aruba Networks CX 6400 | ||
| All of | ||
| Aruba CX 8320 firmware | <=10.04.3021 | |
| Aruba CX 8320 | ||
| All of | ||
| Aruba CX 8325 firmware | <=10.04.3021 | |
| Aruba Networks CX 8325 Firmware | ||
| All of | ||
| Aruba Networks CX 8400 | <=10.04.3021 | |
| Aruba Networks CX 8400 | ||
| Aruba Networks CX 6200F Firmware | <=10.04.3021 | |
| Aruba Networks CX 6200F Firmware | ||
| Aruba CX 6300 | <=10.04.3021 | |
| HPE Aruba CX 6300M 24-port | ||
| Aruba CX 6400 Firmware | <=10.04.3021 | |
| Aruba CX 6400 Firmware | ||
| Aruba Networks CX 8320 Firmware | <=10.04.3021 | |
| Aruba CX 8320 firmware | ||
| Aruba Networks CX 8325 Firmware | <=10.04.3021 | |
| Aruba Networks CX 8325 | ||
| Aruba Networks CX 8400 Firmware | <=10.04.3021 | |
| Aruba Networks CX 8400 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2020-7121?
CVE-2020-7121 has been classified with a severity that could lead to local denial of service in affected Aruba CX Switches.
How do I fix CVE-2020-7121?
To fix CVE-2020-7121, users should update their Aruba CX Switches to the latest firmware version beyond 10.04.3021.
Which devices are affected by CVE-2020-7121?
CVE-2020-7121 affects Aruba CX Switches, specifically the 6200F, 6300, 6400, 8320, 8325, and 8400 models running firmware versions up to 10.04.3021.
What kind of attack does CVE-2020-7121 enable?
CVE-2020-7121 enables a local denial of service attack on the LLDP process of the affected switches.
Is CVE-2020-7121 remotely exploitable?
CVE-2020-7121 is not remotely exploitable as it requires local access to the device to exploit the vulnerabilities.
- agent/type
- agent/weakness
- agent/references
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/arubanetworks
- canonical/aruba networks cx 6200f firmware
- version/aruba networks cx 6200f firmware/10.04.3021
- canonical/aruba cx 6200f
- canonical/aruba networks cx 6300
- version/aruba networks cx 6300/10.04.3021
- canonical/aruba cx 6400 firmware
- version/aruba cx 6400 firmware/10.04.3021
- canonical/aruba networks cx 6400
- canonical/aruba cx 8320 firmware
- version/aruba cx 8320 firmware/10.04.3021
- canonical/aruba cx 8320
- canonical/aruba cx 8325 firmware
- version/aruba cx 8325 firmware/10.04.3021
- canonical/aruba networks cx 8325 firmware
- canonical/aruba networks cx 8400
- version/aruba networks cx 8400/10.04.3021
- vendor/aruba
- canonical/aruba cx 6300
- version/aruba cx 6300/10.04.3021
- canonical/hpe aruba cx 6300m 24-port
- canonical/aruba networks cx 8320 firmware
- version/aruba networks cx 8320 firmware/10.04.3021
- version/aruba networks cx 8325 firmware/10.04.3021
- canonical/aruba networks cx 8325
- canonical/aruba networks cx 8400 firmware
- version/aruba networks cx 8400 firmware/10.04.3021