CVE-2019-5322

Description

A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions.

7.5

CVSS

Severity: High

CVSS 3.1 •

CVSS 2.0 •

EPSS 0.37%

Vendor Advisory arubanetworks.com

Affected: n/a Aruba Intelligent Edge Switch 5400 3810 2920 2930 2530 with GigT port 2530 10/100 port or 2540

References

Link	Tags
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-001.txt	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2019-5322?: CVE-2019-5322 has been scored as a high severity vulnerability.
How to fix CVE-2019-5322?: To fix CVE-2019-5322, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2019-5322 being actively exploited in the wild?: As for now, there are no information to confirm that CVE-2019-5322 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2019-5322?: CVE-2019-5322 affects n/a Aruba Intelligent Edge Switch 5400 3810 2920 2930 2530 with GigT port 2530 10/100 port or 2540.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.