CVE-2019-5315
N/A
N/A
Summary
A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. This vulnerability only affects ArubaOS 8.x.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Aruba Mobility Controllers | Aruba Mobility Controller firmware (ArubaOS) prior to 8.2.2.6, 8.3.0.x prior to 8.3.0.7 and 8.4.0.x prior to 8.4.0.3 | affected |
Weaknesses
- Authenticated command injection
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.