Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 by Hewlett Packard Enterprise

    CVE-2024-42400 (GCVE-0-2024-42400)

    Vulnerability from nvd – Published: 2024-08-06 19:51 – Updated: 2025-03-13 17:20
    VLAI
    Title
    Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Affected: Version 8.12.0.0: 8.12.0.1 and below , ≤ <=8.12.0.1 (semver)
    Affected: Version 8.10.0.0: 8.10.0.12 and below , ≤ <=8.10.0.12 (semver)
    Affected: Version 10.6.0.0: 10.6.0.0 and below , ≤ <=10.6.0.0 (semver)
    Affected: Version 10.4.0.0: 10.4.1.3 and below , ≤ <=10.4.1.3 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.6.0.0 , < 10.6.0.1 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , < 10.4.1.2 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.12.0.0 , < 8.12.0.2 (semver)
        cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , < 8.10.0.13 (semver)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , < 10.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , < 8.12.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.10.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-06 19:24
    Credits
    zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.1",
                    "status": "affected",
                    "version": "10.6.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.1.2",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.2",
                    "status": "affected",
                    "version": "8.12.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.13",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.0",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42400",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-06T20:27:16.617985Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T17:20:31.058Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=8.12.0.1",
                  "status": "affected",
                  "version": "Version 8.12.0.0: 8.12.0.1 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=8.10.0.12",
                  "status": "affected",
                  "version": "Version 8.10.0.0: 8.10.0.12 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.6.0.0",
                  "status": "affected",
                  "version": "Version 10.6.0.0: 10.6.0.0 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.4.1.3",
                  "status": "affected",
                  "version": "Version 10.4.0.0: 10.4.1.3 and below",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
            }
          ],
          "datePublic": "2024-08-06T19:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-06T19:51:17.264Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04678",
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-42400",
        "datePublished": "2024-08-06T19:51:17.264Z",
        "dateReserved": "2024-07-31T20:37:28.338Z",
        "dateUpdated": "2025-03-13T17:20:31.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42399 (GCVE-0-2024-42399)

    Vulnerability from nvd – Published: 2024-08-06 19:48 – Updated: 2025-03-13 13:37
    VLAI
    Title
    Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Affected: Version 8.12.0.0: 8.12.0.1 and below , ≤ <=8.12.0.1 (semver)
    Affected: Version 8.10.0.0: 8.10.0.12 and below , ≤ <=8.10.0.12 (semver)
    Affected: Version 10.6.0.0: 10.6.0.0 and below , ≤ <=10.6.0.0 (semver)
    Affected: Version 10.4.0.0: 10.4.1.3 and below , ≤ <=10.4.1.3 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.6.0.0 , < 10.6.0.1 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , < 10.4.1.2 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.12.0.0 , < 8.12.0.2 (semver)
        cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , < 8.10.0.13 (semver)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , < 10.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , < 8.12.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.10.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-06 19:24
    Credits
    zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.1",
                    "status": "affected",
                    "version": "10.6.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.1.2",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.2",
                    "status": "affected",
                    "version": "8.12.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.13",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.0",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42399",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-06T20:27:21.784664Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:37:13.997Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=8.12.0.1",
                  "status": "affected",
                  "version": "Version 8.12.0.0: 8.12.0.1 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=8.10.0.12",
                  "status": "affected",
                  "version": "Version 8.10.0.0: 8.10.0.12 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.6.0.0",
                  "status": "affected",
                  "version": "Version 10.6.0.0: 10.6.0.0 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.4.1.3",
                  "status": "affected",
                  "version": "Version 10.4.0.0: 10.4.1.3 and below",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
            }
          ],
          "datePublic": "2024-08-06T19:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-06T19:48:07.255Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04678",
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-42399",
        "datePublished": "2024-08-06T19:48:07.255Z",
        "dateReserved": "2024-07-31T20:37:28.338Z",
        "dateUpdated": "2025-03-13T13:37:13.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42398 (GCVE-0-2024-42398)

    Vulnerability from nvd – Published: 2024-08-06 19:37 – Updated: 2025-03-24 21:04
    VLAI
    Title
    Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Affected: Version 8.12.0.0: 8.12.0.1 and below , ≤ <=8.12.0.1 (semver)
    Affected: Version 8.10.0.0: 8.10.0.12 and below , ≤ <=8.10.0.12 (semver)
    Affected: Version 10.6.0.0: 10.6.0.0 and below , ≤ <=10.6.0.0 (semver)
    Affected: Version 10.4.0.0: 10.4.1.3 and below , ≤ <=10.4.1.3 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.6.0.0 , < 10.6.0.1 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , < 10.4.1.2 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.12.0.0 , < 8.12.0.2 (semver)
        cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , < 8.10.0.13 (semver)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , < 10.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , < 8.12.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.10.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-06 19:24
    Credits
    zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.1",
                    "status": "affected",
                    "version": "10.6.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.1.2",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.2",
                    "status": "affected",
                    "version": "8.12.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.13",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.0",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42398",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-06T19:49:16.243921Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-24T21:04:59.030Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=8.12.0.1",
                  "status": "affected",
                  "version": "Version 8.12.0.0: 8.12.0.1 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=8.10.0.12",
                  "status": "affected",
                  "version": "Version 8.10.0.0: 8.10.0.12 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.6.0.0",
                  "status": "affected",
                  "version": "Version 10.6.0.0: 10.6.0.0 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.4.1.3",
                  "status": "affected",
                  "version": "Version 10.4.0.0: 10.4.1.3 and below",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
            }
          ],
          "datePublic": "2024-08-06T19:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-06T19:38:53.191Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04678",
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-42398",
        "datePublished": "2024-08-06T19:37:12.816Z",
        "dateReserved": "2024-07-31T20:37:28.338Z",
        "dateUpdated": "2025-03-24T21:04:59.030Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42400 (GCVE-0-2024-42400)

    Vulnerability from cvelistv5 – Published: 2024-08-06 19:51 – Updated: 2025-03-13 17:20
    VLAI
    Title
    Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Affected: Version 8.12.0.0: 8.12.0.1 and below , ≤ <=8.12.0.1 (semver)
    Affected: Version 8.10.0.0: 8.10.0.12 and below , ≤ <=8.10.0.12 (semver)
    Affected: Version 10.6.0.0: 10.6.0.0 and below , ≤ <=10.6.0.0 (semver)
    Affected: Version 10.4.0.0: 10.4.1.3 and below , ≤ <=10.4.1.3 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.6.0.0 , < 10.6.0.1 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , < 10.4.1.2 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.12.0.0 , < 8.12.0.2 (semver)
        cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , < 8.10.0.13 (semver)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , < 10.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , < 8.12.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.10.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-06 19:24
    Credits
    zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.1",
                    "status": "affected",
                    "version": "10.6.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.1.2",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.2",
                    "status": "affected",
                    "version": "8.12.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.13",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.0",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42400",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-06T20:27:16.617985Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T17:20:31.058Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=8.12.0.1",
                  "status": "affected",
                  "version": "Version 8.12.0.0: 8.12.0.1 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=8.10.0.12",
                  "status": "affected",
                  "version": "Version 8.10.0.0: 8.10.0.12 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.6.0.0",
                  "status": "affected",
                  "version": "Version 10.6.0.0: 10.6.0.0 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.4.1.3",
                  "status": "affected",
                  "version": "Version 10.4.0.0: 10.4.1.3 and below",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
            }
          ],
          "datePublic": "2024-08-06T19:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-06T19:51:17.264Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04678",
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-42400",
        "datePublished": "2024-08-06T19:51:17.264Z",
        "dateReserved": "2024-07-31T20:37:28.338Z",
        "dateUpdated": "2025-03-13T17:20:31.058Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42399 (GCVE-0-2024-42399)

    Vulnerability from cvelistv5 – Published: 2024-08-06 19:48 – Updated: 2025-03-13 13:37
    VLAI
    Title
    Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Affected: Version 8.12.0.0: 8.12.0.1 and below , ≤ <=8.12.0.1 (semver)
    Affected: Version 8.10.0.0: 8.10.0.12 and below , ≤ <=8.10.0.12 (semver)
    Affected: Version 10.6.0.0: 10.6.0.0 and below , ≤ <=10.6.0.0 (semver)
    Affected: Version 10.4.0.0: 10.4.1.3 and below , ≤ <=10.4.1.3 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.6.0.0 , < 10.6.0.1 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , < 10.4.1.2 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.12.0.0 , < 8.12.0.2 (semver)
        cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , < 8.10.0.13 (semver)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , < 10.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , < 8.12.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.10.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-06 19:24
    Credits
    zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.1",
                    "status": "affected",
                    "version": "10.6.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.1.2",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.2",
                    "status": "affected",
                    "version": "8.12.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.13",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.0",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42399",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-06T20:27:21.784664Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-13T13:37:13.997Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=8.12.0.1",
                  "status": "affected",
                  "version": "Version 8.12.0.0: 8.12.0.1 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=8.10.0.12",
                  "status": "affected",
                  "version": "Version 8.10.0.0: 8.10.0.12 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.6.0.0",
                  "status": "affected",
                  "version": "Version 10.6.0.0: 10.6.0.0 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.4.1.3",
                  "status": "affected",
                  "version": "Version 10.4.0.0: 10.4.1.3 and below",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
            }
          ],
          "datePublic": "2024-08-06T19:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-06T19:48:07.255Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04678",
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-42399",
        "datePublished": "2024-08-06T19:48:07.255Z",
        "dateReserved": "2024-07-31T20:37:28.338Z",
        "dateUpdated": "2025-03-13T13:37:13.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-42398 (GCVE-0-2024-42398)

    Vulnerability from cvelistv5 – Published: 2024-08-06 19:37 – Updated: 2025-03-24 21:04
    VLAI
    Title
    Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol
    Summary
    Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-400 - Uncontrolled Resource Consumption
    Assigner
    hpe
    Impacted products
    Vendor Product Version
    Hewlett Packard Enterprise HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10 Affected: Version 8.12.0.0: 8.12.0.1 and below , ≤ <=8.12.0.1 (semver)
    Affected: Version 8.10.0.0: 8.10.0.12 and below , ≤ <=8.10.0.12 (semver)
    Affected: Version 10.6.0.0: 10.6.0.0 and below , ≤ <=10.6.0.0 (semver)
    Affected: Version 10.4.0.0: 10.4.1.3 and below , ≤ <=10.4.1.3 (semver)
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.6.0.0 , < 10.6.0.1 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.4.0.0 , < 10.4.1.2 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.12.0.0 , < 8.12.0.2 (semver)
        cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.10.0.0 , < 8.10.0.13 (semver)
        cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.5.0.0 , < 10.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks arubaos Affected: 10.3.0.0 , < 10.4.0.0 (semver)
        cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.11.0.0 , < 8.12.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.7.0.0 , < 8.10.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 8.4.0.0 , < 8.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    arubanetworks instant Affected: 6.4.0.0 , < 6.6.0.0 (semver)
        cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*
    Create a notification for this product.
    Date Public
    2024-08-06 19:24
    Credits
    zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.6.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.1",
                    "status": "affected",
                    "version": "10.6.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.1.2",
                    "status": "affected",
                    "version": "10.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.12.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.2",
                    "status": "affected",
                    "version": "8.12.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.13",
                    "status": "affected",
                    "version": "8.10.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.6.0.0",
                    "status": "affected",
                    "version": "10.5.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "arubaos",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "10.4.0.0",
                    "status": "affected",
                    "version": "10.3.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.12.0.0",
                    "status": "affected",
                    "version": "8.11.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.10.0.0",
                    "status": "affected",
                    "version": "8.7.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "8.6.0.0",
                    "status": "affected",
                    "version": "8.4.0.0",
                    "versionType": "semver"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "affected",
                "product": "instant",
                "vendor": "arubanetworks",
                "versions": [
                  {
                    "lessThan": "6.6.0.0",
                    "status": "affected",
                    "version": "6.4.0.0",
                    "versionType": "semver"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-42398",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-08-06T19:49:16.243921Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-400",
                    "description": "CWE-400 Uncontrolled Resource Consumption",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-24T21:04:59.030Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10",
              "vendor": "Hewlett Packard Enterprise",
              "versions": [
                {
                  "lessThanOrEqual": "\u003c=8.12.0.1",
                  "status": "affected",
                  "version": "Version 8.12.0.0: 8.12.0.1 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=8.10.0.12",
                  "status": "affected",
                  "version": "Version 8.10.0.0: 8.10.0.12 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.6.0.0",
                  "status": "affected",
                  "version": "Version 10.6.0.0: 10.6.0.0 and below",
                  "versionType": "semver"
                },
                {
                  "lessThanOrEqual": "\u003c=10.4.1.3",
                  "status": "affected",
                  "version": "Version 10.4.0.0: 10.4.1.3 and below",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "zzcentury from Ubisectech Sirius Team (https://www.ubisectech.com/)"
            }
          ],
          "datePublic": "2024-08-06T19:24:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
                }
              ],
              "value": "Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-08-06T19:38:53.191Z",
            "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
            "shortName": "hpe"
          },
          "references": [
            {
              "url": "https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us\u0026docLocale=en_US"
            }
          ],
          "source": {
            "advisory": "HPESBNW04678",
            "discovery": "EXTERNAL"
          },
          "title": "Unauthenticated Denial-of-Service (DoS) Vulnerabilities in the Soft AP Daemon Service Accessed by the PAPI Protocol",
          "x_generator": {
            "engine": "Vulnogram 0.2.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "assignerShortName": "hpe",
        "cveId": "CVE-2024-42398",
        "datePublished": "2024-08-06T19:37:12.816Z",
        "dateReserved": "2024-07-31T20:37:28.338Z",
        "dateUpdated": "2025-03-24T21:04:59.030Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }