Lucene search
HistoryMar 24, 2015 - 5:59 p.m.
CVE-2015-1388
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.002
Percentile
62.0%
The “RAP console” feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors.
Affected configurations
Node
arubanetworksarubaosRange≤6.2.3.9
ORarubanetworksarubaosMatch6.1.3.0
ORarubanetworksarubaosMatch6.1.3.1
ORarubanetworksarubaosMatch6.1.3.2
ORarubanetworksarubaosMatch6.1.3.3
ORarubanetworksarubaosMatch6.1.3.4
ORarubanetworksarubaosMatch6.1.3.5
ORarubanetworksarubaosMatch6.1.3.6
ORarubanetworksarubaosMatch6.1.3.7
ORarubanetworksarubaosMatch6.1.3.8
ORarubanetworksarubaosMatch6.1.3.9
ORarubanetworksarubaosMatch6.2.3.1
ORarubanetworksarubaosMatch6.2.3.2
ORarubanetworksarubaosMatch6.2.3.3
ORarubanetworksarubaosMatch6.2.3.4
ORarubanetworksarubaosMatch6.2.3.5
ORarubanetworksarubaosMatch6.2.3.6
ORarubanetworksarubaosMatch6.2.3.7
ORarubanetworksarubaosMatch6.2.3.8
ORarubanetworksarubaosMatch6.3.0.0
ORarubanetworksarubaosMatch6.3.1
ORarubanetworksarubaosMatch6.3.1.1
ORarubanetworksarubaosMatch6.3.1.2
ORarubanetworksarubaosMatch6.3.1.3
ORarubanetworksarubaosMatch6.3.1.4
ORarubanetworksarubaosMatch6.3.1.5
ORarubanetworksarubaosMatch6.3.1.6
ORarubanetworksarubaosMatch6.3.1.7
ORarubanetworksarubaosMatch6.3.1.8
ORarubanetworksarubaosMatch6.3.1.9
ORarubanetworksarubaosMatch6.3.1.10
ORarubanetworksarubaosMatch6.3.1.11
ORarubanetworksarubaosMatch6.3.1.12
ORarubanetworksarubaosMatch6.3.1.13
ORarubanetworksarubaosMatch6.3.1.14
ORarubanetworksarubaosMatch6.4.2.3
ORarubanetworksarubaosMatch6.4.2.4
ORarubanetworksarubaosMatch6.4.2.5
Related
cve
cve
CVE-2015-1388
2015-03-24 17:59:05
cvelist
cvelist
CVE-2015-1388
2015-03-24 17:00:00
nessus
nessus
ArubaOS Remote Access Point Command Injection
2015-04-03 00:00:00
openvas
openvas
ArubaOS Remote Access Point (RAP) Command Injection (ARUBA-PSA-2015-004)
2015-04-07 00:00:00
prion
prion
Design/Logic Flaw
2015-03-24 17:59:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.7
Confidence
Low
EPSS
0.002
Percentile
62.0%
Related for NVD:CVE-2015-1388