Lucene search

HpeCVELIST:CVE-2024-26303

HistoryMar 26, 2024 - 8:25 p.m.

CVE-2024-26303

2024-03-2620:25:44

hpe

www.cve.org

vulnerability

arubaos-switch

denial of service

authenticated

ssh daemon

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Authenticated Denial of Service Vulnerability in ArubaOS-Switch SSH Daemon

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "ArubaOS-S Switch",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.11.xxxx: KB/WC/YA/YB/YC.16.11.0015 and below"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.10.xxxx: KB/WC/YA/YB/YC - All versions. "
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.10.xxxx: WB.16.10.24 and below. "
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.09.xxxx: All versions. "
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.08.xxxx: All versions."
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.07.xxxx: All versions"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.06.xxxx: All versions"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.05.xxxx: All versions"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.04.xxxx: KA/RA.16.04.0027 and below"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.03.xxxx: All versions"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.02.xxxx: All versions"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 16.01.xxxx: All versions"
      },
      {
        "status": "affected",
        "version": "ArubaOS-Switch 15.xx.xxxx: All versions"
      }
    ]
  }
]

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-003.txt

4.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

5.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.2%

JSON

Related for CVELIST:CVE-2024-26303