CVE-2020-24634
N/A
N/A
Summary
An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Aruba 9000 Gateway | 2.1.0.1 | affected |
| n/a | Aruba 9000 Gateway | 2.2.0.0 and below | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 6.4.4.23 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 6.5.4.17 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.2.2.9 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.3.0.13 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.5.0.10 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.6.0.5 | affected |
| n/a | Aruba 7000 Series Mobility Controllers | 8.7.0.0 and below | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 6.4.4.23 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 6.5.4.17 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.2.2.9 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.3.0.13 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.5.0.10 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.6.0.5 | affected |
| n/a | Aruba 7200 Series Mobility Controllers | 8.7.0.0 and below | affected |
Weaknesses
- remote injection of arbitrary commands
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.