Home

Description

An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.

PUBLISHED Reserved 2024-02-08 | Published 2024-03-05 | Updated 2025-03-27 | Assigner hpe




MEDIUM: 5.3CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Product status

Default status
affected

ArubaOS 10.5.x.x: 10.5.0.1 and below
affected

ArubaOS 10.4.x.x: 10.4.0.3 and below
affected

ArubaOS 8.11.x.x: 8.11.2.0 and below
affected

ArubaOS 8.10.x.x: 8.10.0.9 and below
affected

Credits

XiaoC from Moonlight Bug Hunter reporter

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt

www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt

cve.org (CVE-2024-25615)

nvd.nist.gov (CVE-2024-25615)

Download JSON