HPE Athonet Mobile Core Software Vulnerable to Code Injection Attacks
CVE-2024-6206

7.5HIGH

Key Information:

Vendor: HP
Status: HP Athonet Mobile Core
Vendor: CVE Published:; 25 June 2024

What is CVE-2024-6206?

A significant security vulnerability exists in HPE Athonet Mobile Core software, specifically related to code injection. This flaw permits a threat actor to execute arbitrary commands with the privileges of the underlying container. The exploitation of this vulnerability could lead to a complete compromise of the affected system, posing severe risks to operational integrity and data security.

Affected Version(s)

HPE Athonet Mobile Core Athonet Core 1.23.4.2 and below

References

https://support.hpe.com/hpesc/public/docDisplay?docId=hpe...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2024
Vulnerability Reserved
Jun 20, 2024