Unauthenticated DoS Vulnerability in Aruba Spectrum via PAPI Protocol
CVE-2024-25615
5.3MEDIUM
Summary
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
Affected Version(s)
ArubaOS Wi-Fi Controllers and Campus/Remote Access Points ArubaOS 10.5.x.x: 10.5.0.1 and below
ArubaOS Wi-Fi Controllers and Campus/Remote Access Points ArubaOS 10.5.x.x: 10.5.0.1 and below
ArubaOS Wi-Fi Controllers and Campus/Remote Access Points ArubaOS 10.4.x.x: 10.4.0.3 and below
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
XiaoC from Moonlight Bug Hunter