Lucene search

K
ArubanetworksArubaos

37 matches found

CVE
CVE
added 2024/03/05 9:15 p.m.72 views

CVE-2024-1356

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

7.2CVSS7.6AI score0.00129EPSS
CVE
CVE
added 2024/03/05 9:15 p.m.60 views

CVE-2024-25615

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.

5.3CVSS5.3AI score0.00051EPSS
CVE
CVE
added 2024/03/05 9:15 p.m.59 views

CVE-2024-25614

There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the integrity of the controlle...

9.1CVSS5.5AI score0.00128EPSS
CVE
CVE
added 2024/03/05 9:15 p.m.56 views

CVE-2024-25612

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

7.2CVSS7.6AI score0.00129EPSS
CVE
CVE
added 2024/03/05 9:15 p.m.55 views

CVE-2024-25611

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

7.2CVSS7.6AI score0.00129EPSS
CVE
CVE
added 2024/03/05 9:15 p.m.53 views

CVE-2024-25616

Aruba has identified certain configurations of ArubaOS that can lead to partial disclosure of sensitive information in the IKE_AUTH negotiation process. The scenarios in which disclosure of potentially sensitive information can occur are complex, and depend on factors beyond the control of attacker...

3.7CVSS4AI score0.0011EPSS
CVE
CVE
added 2024/03/05 9:15 p.m.49 views

CVE-2024-25613

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

7.2CVSS7.6AI score0.00129EPSS
CVE
CVE
added 2024/05/01 5:15 p.m.47 views

CVE-2024-33517

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.

7.5CVSS6.8AI score0.00047EPSS
CVE
CVE
added 2024/08/06 8:15 p.m.46 views

CVE-2024-42399

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.

5.3CVSS7.2AI score0.0027EPSS
CVE
CVE
added 2024/08/06 7:15 p.m.43 views

CVE-2024-42395

There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

9.8CVSS7.8AI score0.00295EPSS
CVE
CVE
added 2024/05/01 5:15 p.m.41 views

CVE-2024-33515

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service.

7.5CVSS6.9AI score0.00047EPSS
CVE
CVE
added 2024/05/01 5:15 p.m.39 views

CVE-2024-33513

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service.

5.9CVSS6.9AI score0.00156EPSS
CVE
CVE
added 2024/05/01 5:15 p.m.39 views

CVE-2024-33518

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.

5.3CVSS6.8AI score0.00052EPSS
CVE
CVE
added 2024/05/01 5:15 p.m.37 views

CVE-2024-33514

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service.

7.5CVSS6.9AI score0.00085EPSS
CVE
CVE
added 2024/05/01 5:15 p.m.37 views

CVE-2024-33516

An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller.

7.5CVSS6.8AI score0.00047EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.36 views

CVE-2024-31469

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these ...

9.8CVSS8.5AI score0.02671EPSS
CVE
CVE
added 2024/08/06 8:15 p.m.34 views

CVE-2024-42398

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.

5.3CVSS7.2AI score0.0027EPSS
CVE
CVE
added 2024/08/06 7:15 p.m.33 views

CVE-2024-42393

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

9.8CVSS8AI score0.00532EPSS
CVE
CVE
added 2024/08/06 7:15 p.m.33 views

CVE-2024-42394

There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

9.8CVSS8AI score0.00435EPSS
CVE
CVE
added 2024/05/14 10:15 p.m.32 views

CVE-2024-31466

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities res...

9.8CVSS8.5AI score0.01389EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.32 views

CVE-2024-31470

There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful ex...

9.8CVSS8.5AI score0.03477EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.31 views

CVE-2024-31468

There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these ...

9.8CVSS8.5AI score0.01389EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.28 views

CVE-2024-31473

There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulner...

9.8CVSS8.4AI score0.01217EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.26 views

CVE-2024-31478

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.

7.5CVSS6.8AI score0.00212EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.24 views

CVE-2024-31467

There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities res...

9.8CVSS8.5AI score0.01389EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.24 views

CVE-2024-31472

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulner...

9.8CVSS8.5AI score0.00486EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.24 views

CVE-2024-31474

There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to int...

8.2CVSS6.6AI score0.01582EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.23 views

CVE-2024-31471

There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this ...

9.8CVSS8.4AI score0.00931EPSS
CVE
CVE
added 2024/08/06 8:15 p.m.23 views

CVE-2024-42400

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.

5.3CVSS7.2AI score0.0027EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.22 views

CVE-2024-31477

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

8.8CVSS7.7AI score0.00602EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.20 views

CVE-2024-31479

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

7.5CVSS6.7AI score0.00242EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.20 views

CVE-2024-31480

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

7.5CVSS6.7AI score0.00242EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.19 views

CVE-2024-31482

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.

7.5CVSS6.7AI score0.00242EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.18 views

CVE-2024-31475

There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to...

8.2CVSS6.6AI score0.01582EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.18 views

CVE-2024-31481

Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.

7.5CVSS6.7AI score0.00242EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.16 views

CVE-2024-31476

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

8.8CVSS7.7AI score0.01024EPSS
CVE
CVE
added 2024/05/14 11:15 p.m.15 views

CVE-2024-31483

An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.

6.5CVSS5.9AI score0.0008EPSS