Privileged Command Injection: A Threat to Operating Systems
CVE-2024-31477
8.8HIGH
What is CVE-2024-31477?
Multiple authenticated command injection vulnerabilities have been identified in the command line interface of Aruba Networks products. Exploiting these vulnerabilities allows an attacker to execute arbitrary commands as a privileged user on the underlying operating system. This severely compromises system integrity and confidentiality, necessitating immediate attention and remediation by system administrators.
Affected Version(s)
AOS-8 Instant and AOS-10 AP 10.5.0.0 <= 10.5.1.0
AOS-8 Instant and AOS-10 AP 10.4.0.0 <= 10.4.1.0
AOS-8 Instant and AOS-10 AP 8.11.0.0 <= 8.11.2.1