CVE-2024-31480
CVE-2024-31480 affects Aruba Networks ArubaOS/InstantOS CLI service accessed via the PAPI protocol, with an unauthenticated Denial of Service that can interrupt normal operation. Public sources in the connected documents describe a DoS impact and that exploitation requires access to the managemen...
CVE-2024-31480
Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service...
CVE-2024-31477
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2024-31476
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2024-31474
There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to...
CVE-2024-31467 Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol
There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port 8211. Successful exploitation of these vulnerabilities resul...
CVE-2024-31467
ArubaOS/InstantOS vulnerabilities exist in the PAPI CLI service via unauthenticated buffer overflow on UDP port 8211, enabling remote code execution with privileges on the underlying OS. Attack requires sending specially crafted packets to the PAPI UDP port; exploitation status is not consistentl...
CVE-2024-31466
CVE-2024-31466 describes unauthenticated buffer-overflow vulnerabilities in the PAPI CLI service used by ArubaOS/InstantOS, exploitable by sending specially crafted UDP packets to port 8211. Successful exploitation could execute arbitrary code with OS privileges. Affected products include ArubaOS...
GHSA-JJ54-5Q2M-Q7PJ NATS server TLS missing ciphersuite settings when CLI flags used
This advisory is canonically Problem Description The NATS server by default uses a restricted set of modern ciphersuites for TLS. This selection can be overridden through configuration. The defaults include just RSA and ECDSA with either AES/GCM with a SHA2 digest or ChaCha20/Poly1305. The...
CVE-2023-45583
A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, FortiPAM versions 1.1.0, 1.0.0 through 1.0.3, FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13,...
CVE-2023-45583
The CVE-2023-45583 vulnerability is a use of externally-controlled format string affecting Fortinet FortiProxy, FortiPAM, FortiOS, and FortiSwitchManager across multiple versions (e.g., FortiProxy 7.2.0–7.2.5, 7.0.x, 2.0.x, 1.x; FortiOS 7.x and 6.x; FortiPAM 1.x; FortiSwitchManager 7.x). The unde...
PT-2024-24097 · Aruba · Aruba Access Point
Name of the Vulnerable Software and Affected Versions: Aruba Access Point (affected versions not specified). Description: The issue is related to buffer overflow vulnerabilities in the underlying CLI service. These vulnerabilities could lead to unauthenticated remote code execution by sending...
Aruba Networks ArubaOS and InstantOS Security Vulnerability
Aruba Networks ArubaOS and Aruba Networks InstantOS are both products of Aruba Networks, Inc. Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks, including Mobility Controllers and Mobility Access Switches. Aruba Networks InstantOS is an Arch Linux-based distribution...
PT-2024-24106 · Aruba · Aruba Access Point
Name of the Vulnerable Software and Affected Versions: Aruba Access Point (affected versions not specified). Description: The issue concerns an arbitrary file deletion vulnerability in the CLI service accessed by PAPI, which is Aruba's Access Point management protocol. Successful exploitation of thi...
PT-2024-24098 · Aruba · Aruba Access Point
Name of the Vulnerable Software and Affected Versions: Aruba Access Point (affected versions not specified). Description: The issue concerns buffer overflow vulnerabilities in the underlying CLI service. These vulnerabilities could lead to unauthenticated remote code execution by sending...