Lucene search

K
cve[email protected]CVE-2024-31474
HistoryMay 14, 2024 - 11:15 p.m.

CVE-2024-31474

2024-05-1423:15:10
web.nvd.nist.gov
3
aruba
access point
management protocol
exploitation
operating system
integrity

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba’s Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "Aruba InstantOS and Aruba Access Points running ArubaOS 10",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "InstantOS or ArubaOS (access points) 10.5.x.x: 10.5.1.0 and below."
      },
      {
        "status": "affected",
        "version": "InstantOS or ArubaOS (access points) 10.4.x.x: 10.4.1.0 and below."
      },
      {
        "status": "affected",
        "version": "InstantOS or ArubaOS (access points) 8.11.x.x: 8.11.2.1 and below."
      },
      {
        "status": "affected",
        "version": "InstantOS or ArubaOS (access points) 8.10.x.x: 8.10.0.10 and below."
      },
      {
        "status": "affected",
        "version": "InstantOS or ArubaOS (access points) 8.6.x.x: 8.6.0.23 and below."
      }
    ]
  }
]

8.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

6.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.0%

Related for CVE-2024-31474