Vulnerability in Arubanetworks Arubaos
CVE-2024-31475
There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary f…
EPSS: 0.004 (35.7th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H.
Affected products
- Arubanetworks Arubaos
- Hewlett Packard Enterprise (Hpe) Aos-8 Instant And Aos-10 Ap — versions 10.5.0.0, 10.4.0.0, 8.11.0.0
- Hp Instantos
Weakness classification (CWE)
References
- security-alert@hpe.com
- af854a3a-2127-422b-91ae-364da2661108 (Broken Link, Vendor Advisory)
Frequently asked questions
- What is CVE-2024-31475?
- CVE-2024-31475 is a high-severity vulnerability in Arubanetworks Arubaos, classified under CWE-463. CVSS score: 8.2/10. Published 2024-05-14.
- How severe is CVE-2024-31475?
- High severity. CVSS v3 base score is 8.2 out of 10.