Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the AP Certificate Management Service Accessed by the PAPI Protocol
CVE-2024-42396
5.3MEDIUM
Key Information:
- Vendor
- HP
- Vendor
- CVE Published:
- 6 August 2024
Summary
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
Affected Version(s)
HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Version 8.12.0.0: 8.12.0.1 and below
HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Version 8.12.0.0: 8.12.0.1 and below
HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Version 8.10.0.0: 8.10.0.12 and below
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Credit
zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)