Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x Web Interface Core Dump information disclosure

Summaryinfo

A vulnerability classified as problematic was found in Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x. Impacted is an unknown function of the component Web Interface. The manipulation results in information disclosure (Core Dump). This vulnerability was named CVE-2018-7083. The attack may be performed from remote. There is no available exploit. Upgrading the affected component is advised.

Detailsinfo

A vulnerability classified as problematic has been found in Aruba Instant up to 4.2.4.11/6.5.4.10/8.3.0.5/8.3.x. Affected is an unknown function of the component Web Interface. The manipulation with an unknown input leads to a information disclosure vulnerability (Core Dump). CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality. CVE summarizes:

If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. It was discovered that core dumps are stored in a way that unauthenticated users can access them through the Aruba Instant web interface. Core dumps could contain sensitive information such as keys and passwords. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0

The bug was discovered 02/27/2019. The weakness was presented 05/10/2019 (Website). The advisory is shared for download at arubanetworks.com. This vulnerability is traded as CVE-2018-7083 since 02/15/2018. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are neither technical details nor an exploit publicly available. The MITRE ATT&CK project declares the attack technique as T1592.

The vulnerability was handled as a non-public zero-day exploit for at least 72 days. During that time the estimated underground price was around $5k-$25k.

Upgrading to version 4.2.4.12, 6.5.4.11, 8.3.0.6 or 8.4.0.0 eliminates this vulnerability.

See VDB-134569, VDB-134567 and VDB-134566 for similar entries. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Vendor

• Aruba

Name

• Instant

Version

• 4.2.4.0
• 4.2.4.1
• 4.2.4.2
• 4.2.4.3
• 4.2.4.4
• 4.2.4.5
• 4.2.4.6
• 4.2.4.7
• 4.2.4.8
• 4.2.4.9
• 4.2.4.10
• 4.2.4.11
• 6.5.4.0
• 6.5.4.1
• 6.5.4.2
• 6.5.4.3
• 6.5.4.4
• 6.5.4.5
• 6.5.4.6
• 6.5.4.7
• 6.5.4.8
• 6.5.4.9
• 6.5.4.10
• 8.0
• 8.1
• 8.2
• 8.3
• 8.3.0.0
• 8.3.0.1
• 8.3.0.2
• 8.3.0.3
• 8.3.0.4
• 8.3.0.5

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Discussion