← back
CVE-2024-25615

CVE-2024-25615

CVSS 5.3 MEDIUMEPSS 0.5%CWE-400
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Mar 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected products
Hewlett Packard Enterprise (HPE) · ArubaOS Wi-Fi Controllers and Campus/Remote Access Points

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt