Hewlett Packard Enterprise Aruba Os vulnerabilities
6 known vulnerabilities affecting hewlett_packard_enterprise/aruba_os.
Total CVEs
6
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH3
Vulnerabilities
Page 1 of 1
CVE-2024-42505P2CRITICALCVSS 9.8≥ Version 10.5.0.0: 10.6.0.2 and below, ≤ <=10.6.0.2≥ Version 10.0.0.0: 10.4.1.13 and below, ≤ <=10.4.1.13+2 more2024-09-25
CVE-2024-42505 [CRITICAL] CWE-77 CVE-2024-42505: Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged us
nvd
CVE-2024-42506P2CRITICALCVSS 9.8≥ Version 10.5.0.0: 10.6.0.2 and below, ≤ <=10.6.0.2≥ Version 10.0.0.0: 10.4.1.13 and below, ≤ <=10.4.1.13+2 more2024-09-25
CVE-2024-42506 [CRITICAL] CWE-77 CVE-2024-42506: Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged us
nvd
CVE-2024-42507P2CRITICALCVSS 9.8≥ Version 10.5.0.0: 10.6.0.2 and below, ≤ <=10.6.0.2≥ Version 10.0.0.0: 10.4.1.13 and below, ≤ <=10.4.1.13+2 more2024-09-25
CVE-2024-42507 [CRITICAL] CWE-77 CVE-2024-42507: Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged us
nvd
CVE-2024-42503P3HIGHCVSS 7.2≥ Version 10.6.0.0: 10.6.0.2 and below, ≤ <=10.6.0.2≥ Version 8.10.0.0: 8.10.0.13 and below, ≤ <=8.10.0.13+5 more2024-09-17
CVE-2024-42503 [HIGH] CWE-78 CVE-2024-42503: Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI). Su
Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI). Successful exploitation of this vulnerabilities result in the ability to run arbitrary commands as a priviledge user on the underlying operating system.
nvd
CVE-2024-42502P3HIGHCVSS 7.2≥ Version 10.6.0.0: 10.6.0.2 and below, ≤ <=10.6.0.2≥ Version 8.10.0.0: 8.10.0.13 and below, ≤ <=8.10.0.13+5 more2024-09-17
CVE-2024-42502 [HIGH] CWE-78 CVE-2024-42502: Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successf
Authenticated command injection vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability result in the ability to inject shell commands on the underlying operating system.
nvd
CVE-2024-42501P3HIGHCVSS 7.2≥ Version 10.6.0.0: 10.6.0.2 and below, ≤ <=10.6.0.2≥ Version 8.10.0.0: 8.10.0.13 and below, ≤ <=8.10.0.13+5 more2024-09-17
CVE-2024-42501 [HIGH] CWE-22 CVE-2024-42501: An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of th
An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants.
nvd