9.8

CVE-2024-26304

Warnung

There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. 

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch das CVE Programm von Authorized Data Publishers (ADP) (Unstrukturiert)
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 8.10.0.10
Version 8.10.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 10.5.1.0
Version 10.5.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 10.4.1.0
Version 10.4.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 8.11.2.1
Version 8.11.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 10.4.0.0
Version 10.3.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 8.10.0.0
Version 8.9.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 8.9.0.0
Version 8.8.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 8.8.0.0
Version 8.7.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 8.7.0.0
Version 8.6.0.0
Status affected
Herstellerarubanetworks
Produkt arubaos
Default Statusaffected
Version < 6.5.5.0
Version 6.5.4.0
Status affected
Herstellerarubanetworks
Produkt sd-wan
Default Statusaffected
Version < *
Version 8.7.0.0
Status affected
Herstellerarubanetworks
Produkt sd-wan
Default Statusaffected
Version < *
Version 8.6.0.4
Status affected
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 73.7% 0.988
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
security-alert@hpe.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-121 Stack-based Buffer Overflow

A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).