Vulnetix
Try Vulnetix Request Demo
CVE-2020-24634 PUBLISHED CVSS 9.800000190734863 CRITICAL

An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

EPSS 0.30% · 53.1th percentile

Risk Scores

CVSS v3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.30%
53.1th percentile

Affected Products

VendorProductVersions
n/aAruba 9000 Gateway2.1.0.1, 2.2.0.0 and below
n/aAruba 7200 Series Mobility Controllers8.2.2.9, 6.4.4.23, 6.5.4.17
arubanetworkssd-wan0, 2.2.0.0
n/aAruba 7000 Series Mobility Controllers8.5.0.10, 8.6.0.5, 8.7.0.0 and below
arubanetworksarubaos0, 8.4.0.0, 8.6.0.0

Timeline

References

Open in Interactive Console →