VDB

CISA-2024-42396

CISA-2024-42396 PUBLISHED CVSS 5.3 MEDIUM

Reported by hpe · Published August 6, 2024

Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
Hewlett Packard Enterprise (HPE)HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10Version 8.12.0.0: 8.12.0.1 and below, Version 8.10.0.0: 8.10.0.12 and below
arubanetworksinstant8.12.0.0, 8.10.0.0, 8.12.0.0
Hewlett Packard Enterprise (HPE)HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10Version 8.12.0.0: 8.12.0.1 and below, Version 8.10.0.0: 8.10.0.12 and below, Version 8.12.0.0: 8.12.0.1 and below

Timeline

  • Aug 6, 2024 CVE Published
  • Mar 25, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›