CVE-2020-24634 Information

Jun 07, 2022 cve

Description

An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1 2.2.0.0 and below; 6.4.4.23 6.5.4.17 8.2.2.9 8.3.0.13 8.5.0.10 8.6.0.5 8.7.0.0 and below ; 6.4.4.23 6.5.4.17 8.2.2.9 8.3.0.13 8.5.0.10 8.6.0.5 8.7.0.0 and below.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8

Share on: