Описание
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:h:alcatel-lucent:omniaccess_wireless:43xx:*:*:*:*:*:*:*
cpe:2.3:h:alcatel-lucent:omniaccess_wireless:6000:*:*:*:*:*:*:*
cpe:2.3:h:aruba:mobility_controller:200:*:*:*:*:*:*:*
cpe:2.3:h:aruba:mobility_controller:800:*:*:*:*:*:*:*
cpe:2.3:h:aruba:mobility_controller:2400:*:*:*:*:*:*:*
cpe:2.3:h:aruba:mobility_controller:6000:*:*:*:*:*:*:*
EPSS
Процентиль: 89%
0.04554
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
почти 4 года назад
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN.
EPSS
Процентиль: 89%
0.04554
Низкий
7.5 High
CVSS2
Дефекты
CWE-264