Assigner | hpe |
Reserved | 2024-04-03 |
Published | 2024-05-14 |
Updated | 2024-06-06 |
Description
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Product status
InstantOS or ArubaOS (access points) 10.5.x.x: 10.5.1.0 and below.
InstantOS or ArubaOS (access points) 10.4.x.x: 10.4.1.0 and below.
InstantOS or ArubaOS (access points) 8.11.x.x: 8.11.2.1 and below.
InstantOS or ArubaOS (access points) 8.10.x.x: 8.10.0.10 and below.
InstantOS or ArubaOS (access points) 8.6.x.x: 8.6.0.23 and below.
Credits
Chancen
References
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt