CVE-2024-25614
CVE-2024-25614
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.5EPSS 0.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
05 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the integrity of the controller.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
Affected products
Hewlett Packard Enterprise (HPE) · ArubaOS Wi-Fi Controllers and Campus/Remote Access PointsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →