Описание
Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame.
Комментарий
http://secunia.com/advisories/33057
Note: When using wireless, this only affects devices running in WPA/WPA2 Enterprise modes.
The vulnerability is reported in ArubaOS 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.4.8:*:fips:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.4.8.5:*:fips:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.4.8.6:*:fips:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.4.8.11:*:fips:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.2.11:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.4.17:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.4.18:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.4.25:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.5:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.5.7:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:2.5.6:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controller:3.1.1:*:*:*:*:*:*:*
cpe:2.3:o:aruba_networks:aruba_mobility_controllers:3.1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:aruba_mobility_controller:3.1.1.0:*:fips:*:*:*:*:*
cpe:2.3:o:arubanetworks:aruba_mobility_controller:3.1.1.3:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:aruba_mobility_controller:3.2.0.0:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:aruba_mobility_controller:3.3.1.0:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:aruba_mobility_controller:3.3.1.6:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01811
Низкий
7.8 High
CVSS2
Дефекты
CWE-399
Связанные уязвимости
github
больше 3 лет назад
Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame.
EPSS
Процентиль: 82%
0.01811
Низкий
7.8 High
CVSS2
Дефекты
CWE-399