CVE-2020-24637

Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:arubanetworks:7005:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7008:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7024:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*
OR cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:*

History

21 Nov 2024, 05:15

Type Values Removed Values Added
References () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us - Vendor Advisory () https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us - Vendor Advisory

18 Nov 2021, 18:17

Type Values Removed Values Added
CPE cpe:2.3:o:arubanetworks:sd-wan:*:*:*:*:*:*:*:* cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*

Information

Published : 2020-12-11 02:15

Updated : 2024-11-21 05:15


NVD link : CVE-2020-24637

Mitre link : CVE-2020-24637

CVE.ORG link : CVE-2020-24637


JSON object : View

Products Affected

arubanetworks

  • 7024
  • sd-wan
  • 7205
  • 7210
  • 7280
  • 7008
  • 7220
  • 7010
  • 9012
  • 7005
  • 7240xm
  • 9004-lte
  • arubaos
  • 9004
  • 7030