7.5

CVE-2023-22787

Warnung

EPSS 0.25%
Veröffentlicht 08.05.2023 15:15:10
Zuletzt bearbeitet 21.11.2024 07:45:25
Quelle security-alert@hpe.com
CVE-Watchlists
Login
Unerledigt
Login

Unauthenticated Denial of Service (DoS) in Aruba InstantOS or ArubaOS 10 Service Accessed via the PAPI Protocol

An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 0 Referenzen 4

NVD 7 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Arubanetworks ≫ Arubaos Version >= 10.3.0.0 <= 10.3.1.0

Hp ≫ Instantos Version >= 6.4.0.0 <= 6.4.4.8-4.2.4.20

Hp ≫ Instantos Version >= 6.5.0.0 <= 6.5.4.23

Hp ≫ Instantos Version >= 8.4.0.0 < 8.6.0.0

Hp ≫ Instantos Version >= 8.6.0.0 <= 8.6.0.19

Hp ≫ Instantos Version >= 8.7.0.0 <= 8.9.0.0

Hp ≫ Instantos Version >= 8.10.0.0 <= 8.10.0.4

10.05.2023:

https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-arubaos-und-aruba-instantos-updates-verfugbar

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.25%	0.483

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security-alert@hpe.com	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt

Vendor Advisory

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2023-22787

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-22787

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-22787

EUVD