CVE-2023-45623 — Arubaos vulnerability

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

0.1%

top 65.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Arubanetworks Arubaos HP Instantos

Timeline

PublishedNov 14

Latest updateNov 15

Description

Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDhp/instantos6.4.0.0 — 8.6.0.23+2

▶NVDarubanetworks/arubaos10.3.0.0 — 10.4.0.3+1

🔴Vulnerability Details

GHSA

GHSA-3f8h-p72p-46xm: Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol↗2023-11-15

▶

CVEList

CVE-2023-45623: Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol↗2023-11-14

▶