CVE-2008-0150 — Improper Authentication in Networks Aruba Mobility Controllers

CWE-287 — Improper Authentication3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

0.3%

top 44.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Aruba Networks Aruba Mobility Controllers

Timeline

PublishedJan 9

Latest updateMay 1

Description

Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDaruba_networks/aruba_mobility_controllers2.4.8.11-fips+5

🔴Vulnerability Details

GHSA

GHSA-cf2f-23hh-q498: Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2↗2022-05-01

▶

CVEList

CVE-2008-0150: Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2↗2008-01-09

▶