Arbitrary File Deletion Vulnerability in PAPI Affects Access Point Management
CVE-2024-31474
8.2HIGH
What is CVE-2024-31474?
An arbitrary file deletion vulnerability is present in the Command Line Interface (CLI) service accessed via the Aruba's Access Point management protocol, known as PAPI. This flaw allows an attacker to delete files on the underlying operating system of the access point. Such unauthorized file deletions could severely disrupt normal operational activities and compromise the integrity of the affected Access Point, potentially leading to a breakdown in services and increased vulnerability to additional attacks.
Affected Version(s)
AOS-8 Instant and AOS-10 AP 10.5.0.0 <= 10.5.1.0
AOS-8 Instant and AOS-10 AP 10.4.0.0 <= 10.4.1.0
AOS-8 Instant and AOS-10 AP 8.11.0.0 <= 8.11.2.1