Vulnerability in Arubanetworks Arubaos
CVE-2024-31474
There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underly…
EPSS: 0.004 (35.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H.
Affected products
- Arubanetworks Arubaos
- Hewlett Packard Enterprise (Hpe) Aos-8 Instant And Aos-10 Ap — versions 10.5.0.0, 10.4.0.0, 8.11.0.0
- Hp Instantos
Weakness classification (CWE)
References
- security-alert@hpe.com
- af854a3a-2127-422b-91ae-364da2661108 (Broken Link, Vendor Advisory)
Frequently asked questions
- What is CVE-2024-31474?
- CVE-2024-31474 is a high-severity vulnerability in Arubanetworks Arubaos, classified under CWE-463. CVSS score: 8.2/10. Published 2024-05-14.
- How severe is CVE-2024-31474?
- High severity. CVSS v3 base score is 8.2 out of 10.