Lucene search

HpeCVELIST:CVE-2024-42396

HistoryAug 06, 2024 - 6:54 p.m.

CVE-2024-42396 Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the AP Certificate Management Service Accessed by the PAPI Protocol

2024-08-0618:54:42

hpe

www.cve.org

cve-2024-42396

unauthenticated

dos

ap certificate management

papi protocol

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

Percentile

16.6%

JSON

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "lessThanOrEqual": "<=8.12.0.1",
        "status": "affected",
        "version": "Version 8.12.0.0: 8.12.0.1 and below",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "<=8.10.0.12",
        "status": "affected",
        "version": "Version 8.10.0.0: 8.10.0.12 and below",
        "versionType": "semver"
      }
    ]
  }
]

References

support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

EPSS

Percentile

16.6%

JSON

Related for CVELIST:CVE-2024-42396