CVE-2022-37907

A vulnerability exists in the ArubaOS bootloader on 7xxx series controllers which can result in a denial of service (DoS) condition on an impacted system. A successful attacker can cause a system hang which can only be resolved via a power cycle of the impacted controller.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
OR cpe:2.3:h:arubanetworks:7005:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7008:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7024:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:*

History

02 May 2025, 19:15

Type Values Removed Values Added
CWE CWE-400

21 Nov 2024, 07:15

Type Values Removed Values Added
References () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt - Vendor Advisory () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt - Vendor Advisory
Summary
  • (es) Existe una vulnerabilidad en bootloader de ArubaOS en los controladores de la serie 7xxx que puede provocar una condición de Denegación de Servicio (DoS) en un sistema afectado. Un atacante exitoso puede causar un bloqueo del sistema que solo puede resolverse mediante un ciclo de encendido del controlador afectado.
CVSS v2 : unknown
v3 : 7.5
v2 : unknown
v3 : 5.8

Information

Published : 2022-12-12 13:15

Updated : 2025-05-02 19:15


NVD link : CVE-2022-37907

Mitre link : CVE-2022-37907

CVE.ORG link : CVE-2022-37907


JSON object : View

Products Affected

arubanetworks

  • 7220
  • 7005
  • 7210
  • arubaos
  • 7280
  • sd-wan
  • 7030
  • 7240xm
  • 7024
  • 7008
  • 7010
  • 7205
CWE
NVD-CWE-noinfo CWE-400

Uncontrolled Resource Consumption