7.5

CVE-2023-22787

Warnung

EPSS 0.19%
Veröffentlicht 08.05.2023 15:15:10
Zuletzt bearbeitet 21.11.2024 07:45:25
Quelle security-alert@hpe.com
CVE-Watchlists
Login
Unerledigt
Login

An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Arubanetworks ≫ Arubaos Version >= 10.3.0.0 <= 10.3.1.0

Hp ≫ Instantos Version >= 6.4.0.0 <= 6.4.4.8-4.2.4.20

Hp ≫ Instantos Version >= 6.5.0.0 <= 6.5.4.23

Hp ≫ Instantos Version >= 8.4.0.0 < 8.6.0.0

Hp ≫ Instantos Version >= 8.6.0.0 <= 8.6.0.19

Hp ≫ Instantos Version >= 8.7.0.0 <= 8.9.0.0

Hp ≫ Instantos Version >= 8.10.0.0 <= 8.10.0.4

10.05.2023: CERT.at Warnung

https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-arubaos-und-aruba-instantos-updates-verfugbar

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.406

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security-alert@hpe.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2023-22787

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-22787

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-22787

EUVD