CVE-2018-7080
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-2018-16986.
Existe una vulnerabilidad en el firmware de las radios BLE embebidas que forman parte de algunos puntos de acceso de Aruba. Un atacante que pueda explotar esta vulnerabilidad podría instalar firmware nuevo y potencialmente malicioso en la radio BLE del punto de acceso para obtener acceso al puerto de la consola del punto de acceso. Esta vulnerabilidad es aplicable solo si la radio BLE está habilitada en los puntos de acceso afectados. La radio BLE está deshabilitada por defecto. Nota: los productos Aruba NO se han visto afectados por una vulnerabilidad rastreada como CVE-2018-16986.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-02-15 CVE Reserved
- 2018-12-07 CVE Published
- 2024-04-29 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/105814 | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-006.txt | 2020-08-24 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Arubanetworks Search vendor "Arubanetworks" | 203rp Firmware Search vendor "Arubanetworks" for product "203rp Firmware" | - | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | 203rp Search vendor "Arubanetworks" for product "203rp" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | 203r Firmware Search vendor "Arubanetworks" for product "203r Firmware" | - | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | 203r Search vendor "Arubanetworks" for product "203r" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Ap-300 Series Access Points Firmware Search vendor "Arubanetworks" for product "Ap-300 Series Access Points Firmware" | - | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Ap-300 Series Access Points Search vendor "Arubanetworks" for product "Ap-300 Series Access Points" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Ap-300 Series Instant Access Points Firmware Search vendor "Arubanetworks" for product "Ap-300 Series Instant Access Points Firmware" | - | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Ap-300 Series Instant Access Points Search vendor "Arubanetworks" for product "Ap-300 Series Instant Access Points" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Arubaos Search vendor "Arubanetworks" for product "Arubaos" | >= 6.4.4.0 < 6.4.4.20 Search vendor "Arubanetworks" for product "Arubaos" and version " >= 6.4.4.0 < 6.4.4.20" | - |
Affected
| ||||||
| Arubanetworks Search vendor "Arubanetworks" | Arubaos Search vendor "Arubanetworks" for product "Arubaos" | >= 6.5.3.0 < 6.5.3.9 Search vendor "Arubanetworks" for product "Arubaos" and version " >= 6.5.3.0 < 6.5.3.9" | - |
Affected
| ||||||
| Arubanetworks Search vendor "Arubanetworks" | Arubaos Search vendor "Arubanetworks" for product "Arubaos" | >= 6.5.4.0 < 6.5.4.9 Search vendor "Arubanetworks" for product "Arubaos" and version " >= 6.5.4.0 < 6.5.4.9" | - |
Affected
| ||||||
| Arubanetworks Search vendor "Arubanetworks" | Arubaos Search vendor "Arubanetworks" for product "Arubaos" | >= 8.0.0.0 < 8.2.2.2 Search vendor "Arubanetworks" for product "Arubaos" and version " >= 8.0.0.0 < 8.2.2.2" | - |
Affected
| ||||||
| Arubanetworks Search vendor "Arubanetworks" | Arubaos Search vendor "Arubanetworks" for product "Arubaos" | >= 8.3.0.0 < 8.3.0.4 Search vendor "Arubanetworks" for product "Arubaos" and version " >= 8.3.0.0 < 8.3.0.4" | - |
Affected
| ||||||