CVE-2024-31477

Summary

Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Affected Software

VendorProductVersion RangeStatus
Hewlett Packard Enterprise (HPE)AOS-8 Instant and AOS-10 AP10.5.0.0 <= 10.5.1.0affected
Hewlett Packard Enterprise (HPE)AOS-8 Instant and AOS-10 AP10.4.0.0 <= 10.4.1.0affected
Hewlett Packard Enterprise (HPE)AOS-8 Instant and AOS-10 AP8.11.0.0 <= 8.11.2.1affected
Hewlett Packard Enterprise (HPE)AOS-8 Instant and AOS-10 AP8.10.0.0 <= 8.10.0.10affected
Hewlett Packard Enterprise (HPE)AOS-8 Instant and AOS-10 AP8.6.0.0 <= 8.6.0.23affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References