The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of Treck IP Stack: multiple vulnerabilities

Synthesis of the vulnerability 

An attacker can use several vulnerabilities of Treck IP Stack.
Vulnerable software: APC Switched Rack PDU, ArubaOS, Cisco ASR, ConnectPort TSx, HP ProLiant.
Severity of this announce: 3/4.
Number of vulnerabilities in this bulletin: 19.
Creation date: 17/06/2020.
Références of this computer vulnerability: ARUBA-PSA-2020-006, CERTFR-2020-AVI-375, cisco-sa-treck-ip-stack-JyBQ5GyC, CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, CVE-2020-11899, CVE-2020-11900, CVE-2020-11901, CVE-2020-11902, CVE-2020-11903, CVE-2020-11904, CVE-2020-11905, CVE-2020-11906, CVE-2020-11907, CVE-2020-11908, CVE-2020-11909, CVE-2020-11910, CVE-2020-11911, CVE-2020-11912, CVE-2020-11913, CVE-2020-11914, HPESBHF04012, HPESBNW04010, Ripple20, VIGILANCE-VUL-32551, VU#257161.

Description of the vulnerability 

An attacker can use several vulnerabilities of Treck IP Stack.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This computer vulnerability alert impacts software or systems such as APC Switched Rack PDU, ArubaOS, Cisco ASR, ConnectPort TSx, HP ProLiant.

Our Vigil@nce team determined that the severity of this computer threat alert is important.

The trust level is of type confirmed by the editor, with an origin of intranet client.

This bulletin is about 19 vulnerabilities.

An attacker with a expert ability can exploit this security vulnerability.

Solutions for this threat 

APC Switched Rack PDU: solution for Treck IP Stack.
The solution is indicated in information sources.

ArubaOS: workaround for Treck IP Stack.
A workaround is indicated in the information source.

Cisco ASR 5000: solution CSCvu68945.
The solution is described on the Cisco site:
  https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvu68945
  https://tools.cisco.com/bugsearch/bug/CSCvu68945
  https://tools.cisco.com/quickview/bug/CSCvu68945

DIGI ConnectPort TS: fixed versions for Treck IP Stack.
Fixed versions are indicated in information sources.

HPE ProLiant: solution for Treck IP Stack.
The solution is indicated in information sources.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides systems vulnerabilities announces. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.