CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
EPSS
Percentile
9.0%
An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller.
[
{
"defaultStatus": "affected",
"product": "Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "ArubaOS 10.5.x.x: 10.5.1.0 and below"
},
{
"status": "affected",
"version": "ArubaOS 10.4.x.x: 10.4.1.0 and below"
},
{
"status": "affected",
"version": "ArubaOS 8.11.x.x: 8.11.2.1 and below"
},
{
"status": "affected",
"version": "ArubaOS 8.10.x.x: 8.10.0.10 and below"
}
]
}
]