Skip to main content

Aruba Products Multiple Vulnerabilities

Release Date: 7 Nov 2024 2796 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Aruba Products. A remote attacker could exploit this vulnerability to trigger sensitive information disclosure, remote code execution and security restriction bypass on the targeted system.


Impact

  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • AOS-10.4.x.x: 10.4.1.4 and below
  • Instant AOS-8.12.x.x: 8.12.0.2 and below
  • Instant AOS-8.10.x.x: 8.10.0.13 and below

The following software versions that are End of Maintenance (EoM) are affected by these vulnerabilities, but the vendor had not addressed in its security advisory:

 

  • AOS-10.6.x.x: all versions
  • AOS-10.5.x.x: all versions
  • AOS-10.3.x.x: all versions
  • Instant AOS-8.11.x.x: all versions
  • Instant AOS-8.9.x.x: all versions
  • Instant AOS-8.8.x.x: all versions
  • Instant AOS-8.7.x.x: all versions
  • Instant AOS-8.6.x.x: all versions
  • Instant AOS-8.5.x.x: all versions
  • Instant AOS-8.4.x.x: all versions
  • Instant AOS-6.5.x.x: all versions
  • Instant AOS-6.4.x.x: all versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:


Vulnerability Identifier


Source


Related Link