CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
Low
EPSS
Percentile
16.6%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
[
{
"vendor": "Hewlett Packard Enterprise",
"product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
"versions": [
{
"status": "affected",
"version": "Version 8.12.0.0: 8.12.0.1 and below",
"versionType": "semver",
"lessThanOrEqual": "<=8.12.0.1"
},
{
"status": "affected",
"version": "Version 8.10.0.0: 8.10.0.12 and below",
"versionType": "semver",
"lessThanOrEqual": "<=8.10.0.12"
},
{
"status": "affected",
"version": "Version 10.6.0.0: 10.6.0.0 and below",
"versionType": "semver",
"lessThanOrEqual": "<=10.6.0.0"
},
{
"status": "affected",
"version": "Version 10.4.0.0: 10.4.1.3 and below",
"versionType": "semver",
"lessThanOrEqual": "<=10.4.1.3"
}
],
"defaultStatus": "unaffected"
}
]
[
{
"cpes": [
"cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "arubaos",
"versions": [
{
"status": "affected",
"version": "10.6.0.0",
"lessThan": "10.6.0.1",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "arubaos",
"versions": [
{
"status": "affected",
"version": "10.4.0.0",
"lessThan": "10.4.1.2",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "instant",
"versions": [
{
"status": "affected",
"version": "8.12.0.0",
"lessThan": "8.12.0.2",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "instant",
"versions": [
{
"status": "affected",
"version": "8.10.0.0",
"lessThan": "8.10.0.13",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "arubaos",
"versions": [
{
"status": "affected",
"version": "10.5.0.0",
"lessThan": "10.6.0.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "arubaos",
"versions": [
{
"status": "affected",
"version": "10.3.0.0",
"lessThan": "10.4.0.0",
"versionType": "semver"
}
],
"defaultStatus": "unaffected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "instant",
"versions": [
{
"status": "affected",
"version": "8.11.0.0",
"lessThan": "8.12.0.0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "instant",
"versions": [
{
"status": "affected",
"version": "8.7.0.0",
"lessThan": "8.10.0.0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "instant",
"versions": [
{
"status": "affected",
"version": "8.4.0.0",
"lessThan": "8.6.0.0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
},
{
"cpes": [
"cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
],
"vendor": "arubanetworks",
"product": "instant",
"versions": [
{
"status": "affected",
"version": "6.4.0.0",
"lessThan": "6.6.0.0",
"versionType": "semver"
}
],
"defaultStatus": "affected"
}
]
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
AI Score
Confidence
Low
EPSS
Percentile
16.6%
SSVC
Exploitation
none
Automatable
yes
Technical Impact
partial