← back
CVE-2024-31483

CVE-2024-31483

CVSS 4.9 MEDIUMEPSS 0.4%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.9EPSS 0.4%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
14 May 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected products
Hewlett Packard Enterprise (HPE) · AOS-8 Instant and AOS-10 AP

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us&docLocale=en_UShttps://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt