CVE-2024-47460

Unauthenticated Command Injection Vulnerability in the CLI Service Accessed by the PAPI Protocol

Description

Command injection vulnerability in the underlying CLI service could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

INFO

Published Date :

2024-11-05T22:46:26.066Z

Last Modified :

2024-11-09T04:55:48.527Z

Source :

hpe

AFFECTED PRODUCTS

The following products are affected by CVE-2024-47460 vulnerability.

Vendors	Products
Arubanetworks	Arubaos Instant

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-47460.

URL	Resource
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04722en_us&docLocale=en_US

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact