Search

Find a vulnerability

Search criteria

    36 vulnerabilities found for AOS-8 Instant and AOS-10 AP by Hewlett Packard Enterprise (HPE)

    CVE-2024-31483 (GCVE-0-2024-31483)

    Vulnerability from nvd – Published: 2024-05-14 22:37 – Updated: 2025-06-24 15:23
    VLAI
    Summary
    An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31483",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:43:52.164471Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T15:12:51.026Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.245Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAn authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:23:49.047Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31483",
        "datePublished": "2024-05-14T22:37:06.652Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:23:49.047Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31482 (GCVE-0-2024-31482)

    Vulnerability from nvd – Published: 2024-05-14 22:36 – Updated: 2025-06-24 15:22
    VLAI
    Summary
    An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31482",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:43:20.652798Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:01:42.878Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.280Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAn unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.\u003c/p\u003e"
                }
              ],
              "value": "An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:22:57.371Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31482",
        "datePublished": "2024-05-14T22:36:10.770Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:22:57.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31481 (GCVE-0-2024-31481)

    Vulnerability from nvd – Published: 2024-05-14 22:35 – Updated: 2025-06-24 15:21
    VLAI
    Summary
    Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:42:47.657209Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:01:20.265Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.107Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.\u003c/p\u003e"
                }
              ],
              "value": "Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:21:48.806Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31481",
        "datePublished": "2024-05-14T22:35:29.359Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:21:48.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31480 (GCVE-0-2024-31480)

    Vulnerability from nvd – Published: 2024-05-14 22:34 – Updated: 2025-06-24 15:19
    VLAI
    Summary
    Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:42:01.200373Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:01:00.228Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.134Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.\u003c/p\u003e"
                }
              ],
              "value": "Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:19:49.638Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31480",
        "datePublished": "2024-05-14T22:34:42.949Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:19:49.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31479 (GCVE-0-2024-31479)

    Vulnerability from nvd – Published: 2024-05-14 22:33 – Updated: 2025-06-24 15:17
    VLAI
    Summary
    Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31479",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:25:35.184663Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:00:39.087Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.116Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUnauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.\u003c/p\u003e"
                }
              ],
              "value": "Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:17:14.638Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31479",
        "datePublished": "2024-05-14T22:33:38.302Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:17:14.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31478 (GCVE-0-2024-31478)

    Vulnerability from nvd – Published: 2024-05-14 22:32 – Updated: 2025-06-24 15:01
    VLAI
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31478",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:41:22.094004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:00:19.275Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.134Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.\u003c/p\u003e"
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:01:43.100Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31478",
        "datePublished": "2024-05-14T22:32:51.129Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:01:43.100Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31477 (GCVE-0-2024-31477)

    Vulnerability from nvd – Published: 2024-05-14 22:32 – Updated: 2025-06-24 15:15
    VLAI
    Summary
    Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31477",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:34.951992Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:59:03.824Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.111Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:15:50.694Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31477",
        "datePublished": "2024-05-14T22:32:06.557Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:15:50.694Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31476 (GCVE-0-2024-31476)

    Vulnerability from nvd – Published: 2024-05-14 22:31 – Updated: 2025-06-24 15:14
    VLAI
    Summary
    Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31476",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:34.232578Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:58:41.775Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.100Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:14:48.403Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31476",
        "datePublished": "2024-05-14T22:31:22.072Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:14:48.403Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31475 (GCVE-0-2024-31475)

    Vulnerability from nvd – Published: 2024-05-14 22:30 – Updated: 2025-06-24 15:13
    VLAI
    Summary
    There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-463 - Deletion of Data Structure Sentinel
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31475",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:39:38.114508Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-463",
                    "description": "CWE-463 Deletion of Data Structure Sentinel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:58:20.334Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.143Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba\u0027s access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point.\u003c/p\u003e"
                }
              ],
              "value": "There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba\u0027s access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:13:24.884Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31475",
        "datePublished": "2024-05-14T22:30:27.186Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:13:24.884Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31474 (GCVE-0-2024-31474)

    Vulnerability from nvd – Published: 2024-05-14 22:29 – Updated: 2025-06-24 15:12
    VLAI
    Summary
    There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-463 - Deletion of Data Structure Sentinel
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:39:14.628824Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-463",
                    "description": "CWE-463 Deletion of Data Structure Sentinel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:57:56.588Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.090Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba\u0027s Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point\u003c/p\u003e"
                }
              ],
              "value": "There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba\u0027s Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:12:08.560Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31474",
        "datePublished": "2024-05-14T22:29:51.497Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:12:08.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31473 (GCVE-0-2024-31473)

    Vulnerability from nvd – Published: 2024-05-14 22:29 – Updated: 2025-06-24 15:11
    VLAI
    Summary
    There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31473",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:19.151899Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:58:45.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.079Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:11:19.420Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31473",
        "datePublished": "2024-05-14T22:29:11.994Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:11:19.420Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31472 (GCVE-0-2024-31472)

    Vulnerability from nvd – Published: 2024-05-14 22:28 – Updated: 2025-06-24 14:57
    VLAI
    Summary
    There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31472",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:33.431077Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:53:34.342Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T14:57:21.615Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31472",
        "datePublished": "2024-05-14T22:28:29.845Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T14:57:21.615Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31471 (GCVE-0-2024-31471)

    Vulnerability from nvd – Published: 2024-05-14 22:27 – Updated: 2025-06-24 14:26
    VLAI
    Summary
    There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31471",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:32.598112Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:53:13.647Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.106Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T14:26:02.859Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31471",
        "datePublished": "2024-05-14T22:27:21.146Z",
        "dateReserved": "2024-04-03T21:21:22.896Z",
        "dateUpdated": "2025-06-24T14:26:02.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31470 (GCVE-0-2024-31470)

    Vulnerability from nvd – Published: 2024-05-14 22:26 – Updated: 2025-06-24 13:29
    VLAI
    Summary
    There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31470",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:31.848382Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:51:59.613Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.118Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T13:29:06.597Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31470",
        "datePublished": "2024-05-14T22:26:39.056Z",
        "dateReserved": "2024-04-03T21:21:22.896Z",
        "dateUpdated": "2025-06-24T13:29:06.597Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31469 (GCVE-0-2024-31469)

    Vulnerability from nvd – Published: 2024-05-14 22:25 – Updated: 2025-06-24 13:26
    VLAI
    Summary
    There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31469",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:31.113539Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:52:09.920Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.114Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e\u003cp\u003e \u003c/p\u003e"
                }
              ],
              "value": "There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T13:26:25.165Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31469",
        "datePublished": "2024-05-14T22:25:46.354Z",
        "dateReserved": "2024-04-03T21:21:22.896Z",
        "dateUpdated": "2025-06-24T13:26:25.165Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31468 (GCVE-0-2024-31468)

    Vulnerability from nvd – Published: 2024-05-14 22:24 – Updated: 2025-06-24 13:23
    VLAI
    Summary
    There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31468",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:30.371230Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:51:14.635Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.155Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e\u003cp\u003e \u003c/p\u003e"
                }
              ],
              "value": "There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T13:23:16.767Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31468",
        "datePublished": "2024-05-14T22:24:53.386Z",
        "dateReserved": "2024-04-03T21:21:22.896Z",
        "dateUpdated": "2025-06-24T13:23:16.767Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31467 (GCVE-0-2024-31467)

    Vulnerability from nvd – Published: 2024-05-14 22:08 – Updated: 2025-06-24 13:20
    VLAI
    Title
    Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol
    Summary
    There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-121 - Stack-based Buffer Overflow
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31467",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:29.379593Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-121",
                    "description": "CWE-121 Stack-based Buffer Overflow",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:50:53.606Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.152Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T13:20:29.703Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "title": "Unauthenticated Buffer Overflow Vulnerabilities in CLI Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31467",
        "datePublished": "2024-05-14T22:08:51.360Z",
        "dateReserved": "2024-04-03T21:21:22.896Z",
        "dateUpdated": "2025-06-24T13:20:29.703Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31483 (GCVE-0-2024-31483)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:37 – Updated: 2025-06-24 15:23
    VLAI
    Summary
    An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31483",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:43:52.164471Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-31T15:12:51.026Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.245Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAn authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:23:49.047Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31483",
        "datePublished": "2024-05-14T22:37:06.652Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:23:49.047Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31482 (GCVE-0-2024-31482)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:36 – Updated: 2025-06-24 15:22
    VLAI
    Summary
    An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31482",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:43:20.652798Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:01:42.878Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.280Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAn unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point.\u003c/p\u003e"
                }
              ],
              "value": "An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:22:57.371Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31482",
        "datePublished": "2024-05-14T22:36:10.770Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:22:57.371Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31481 (GCVE-0-2024-31481)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:35 – Updated: 2025-06-24 15:21
    VLAI
    Summary
    Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31481",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:42:47.657209Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:01:20.265Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.107Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.\u003c/p\u003e"
                }
              ],
              "value": "Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:21:48.806Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31481",
        "datePublished": "2024-05-14T22:35:29.359Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:21:48.806Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31480 (GCVE-0-2024-31480)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:34 – Updated: 2025-06-24 15:19
    VLAI
    Summary
    Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31480",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:42:01.200373Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:01:00.228Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.134Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUnauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.\u003c/p\u003e"
                }
              ],
              "value": "Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:19:49.638Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31480",
        "datePublished": "2024-05-14T22:34:42.949Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:19:49.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31479 (GCVE-0-2024-31479)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:33 – Updated: 2025-06-24 15:17
    VLAI
    Summary
    Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31479",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:25:35.184663Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:00:39.087Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.116Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUnauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service.\u003c/p\u003e"
                }
              ],
              "value": "Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:17:14.638Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31479",
        "datePublished": "2024-05-14T22:33:38.302Z",
        "dateReserved": "2024-04-03T21:21:22.898Z",
        "dateUpdated": "2025-06-24T15:17:14.638Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31478 (GCVE-0-2024-31478)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:32 – Updated: 2025-06-24 15:01
    VLAI
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31478",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:41:22.094004Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T17:00:19.275Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.134Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point.\u003c/p\u003e"
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:01:43.100Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31478",
        "datePublished": "2024-05-14T22:32:51.129Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:01:43.100Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31477 (GCVE-0-2024-31477)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:32 – Updated: 2025-06-24 15:15
    VLAI
    Summary
    Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31477",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:34.951992Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:59:03.824Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.111Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:15:50.694Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31477",
        "datePublished": "2024-05-14T22:32:06.557Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:15:50.694Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31476 (GCVE-0-2024-31476)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:31 – Updated: 2025-06-24 15:14
    VLAI
    Summary
    Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31476",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:34.232578Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:58:41.775Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.100Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eMultiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:14:48.403Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31476",
        "datePublished": "2024-05-14T22:31:22.072Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:14:48.403Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31475 (GCVE-0-2024-31475)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:30 – Updated: 2025-06-24 15:13
    VLAI
    Summary
    There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-463 - Deletion of Data Structure Sentinel
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31475",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:39:38.114508Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-463",
                    "description": "CWE-463 Deletion of Data Structure Sentinel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:58:20.334Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.143Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba\u0027s access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point.\u003c/p\u003e"
                }
              ],
              "value": "There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba\u0027s access point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:13:24.884Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31475",
        "datePublished": "2024-05-14T22:30:27.186Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:13:24.884Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31474 (GCVE-0-2024-31474)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:29 – Updated: 2025-06-24 15:12
    VLAI
    Summary
    There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-463 - Deletion of Data Structure Sentinel
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Chancen
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31474",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-15T13:39:14.628824Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-463",
                    "description": "CWE-463 Deletion of Data Structure Sentinel",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:57:56.588Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.090Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Chancen"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba\u0027s Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point\u003c/p\u003e"
                }
              ],
              "value": "There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba\u0027s Access Point management protocol). Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to the ability to interrupt normal operation and impact the integrity of the affected Access Point"
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:12:08.560Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31474",
        "datePublished": "2024-05-14T22:29:51.497Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:12:08.560Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31473 (GCVE-0-2024-31473)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:29 – Updated: 2025-06-24 15:11
    VLAI
    Summary
    There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31473",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:19.151899Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:58:45.097Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.079Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T15:11:19.420Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31473",
        "datePublished": "2024-05-14T22:29:11.994Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T15:11:19.420Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31472 (GCVE-0-2024-31472)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:28 – Updated: 2025-06-24 14:57
    VLAI
    Summary
    There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31472",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:33.431077Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:53:34.342Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.033Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T14:57:21.615Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31472",
        "datePublished": "2024-05-14T22:28:29.845Z",
        "dateReserved": "2024-04-03T21:21:22.897Z",
        "dateUpdated": "2025-06-24T14:57:21.615Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-31471 (GCVE-0-2024-31471)

    Vulnerability from cvelistv5 – Published: 2024-05-14 22:27 – Updated: 2025-06-24 14:26
    VLAI
    Summary
    There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise (HPE) AOS-8 Instant and AOS-10 AP Affected: 10.5.0.0 , ≤ 10.5.1.0 (semver)
    Affected: 10.4.0.0 , ≤ 10.4.1.0 (semver)
    Affected: 8.11.0.0 , ≤ 8.11.2.1 (semver)
    Affected: 8.10.0.0 , ≤ 8.10.0.10 (semver)
    Affected: 8.6.0.0 , ≤ 8.6.0.23 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , ≤ 10.5.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , ≤ 10.4.1.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , ≤ 8.10.0.10 (custom)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , ≤ 8.11.2.1 (custom)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.6.0.0 , ≤ 8.6.0.23 (custom)
        cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (custom)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.9.0.0 , < 8.10.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.8.0.0 , < 8.9.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.5.0.0 , < 8.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.8.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.5.0.0 , < 6.6.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.5.0.0 (custom)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Erik De Jong (bugcrowd.com/erikdejong
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.5.1.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "10.4.1.0",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.10.0.10",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.11.2.1",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThanOrEqual": "8.6.0.23",
                    "status": "affected",
                    "version": "8.6.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.9.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.9.0.0",
                    "status": "affected",
                    "version": "8.8.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.8.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.5.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.5.0.0",
                    "versionType": "custom"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.5.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-31471",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-05-17T04:00:32.598112Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-78",
                    "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-06T16:53:13.647Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T01:52:57.106Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "AOS-8 Instant and AOS-10 AP",
              "vendor": "Hewlett Packard Enterprise (HPE)",
              "versions": [
                {
                  "lessThanOrEqual": "10.5.1.0",
                  "status": "affected",
                  "version": "10.5.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "10.4.1.0",
                  "status": "affected",
                  "version": "10.4.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.11.2.1",
                  "status": "affected",
                  "version": "8.11.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.10.0.10",
                  "status": "affected",
                  "version": "8.10.0.0",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "8.6.0.23",
                  "status": "affected",
                  "version": "8.6.0.0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "Erik De Jong (bugcrowd.com/erikdejong"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eThere is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.\u003c/p\u003e"
                }
              ],
              "value": "There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba\u0027s Access Point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-06-24T14:26:02.859Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04647en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04647",
            "discovery": "INTERNAL"
          },
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-31471",
        "datePublished": "2024-05-14T22:27:21.146Z",
        "dateReserved": "2024-04-03T21:21:22.896Z",
        "dateUpdated": "2025-06-24T14:26:02.859Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }