VDB
CISA-2024-42396
CISA-2024-42396
PUBLISHED
CVSS 5.3 MEDIUM
Reported by hpe · Published August 6, 2024
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
Risk Scores
CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 | Version 8.12.0.0: 8.12.0.1 and below, Version 8.10.0.0: 8.10.0.12 and below |
| arubanetworks | instant | 8.12.0.0, 8.10.0.0, 8.12.0.0 |
| Hewlett Packard Enterprise (HPE) | HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 | Version 8.12.0.0: 8.12.0.1 and below, Version 8.10.0.0: 8.10.0.12 and below, Version 8.12.0.0: 8.12.0.1 and below |
Timeline
- Aug 6, 2024 CVE Published
- Mar 25, 2025 CVE Updated