Описание
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Broken Link
- ExploitThird Party AdvisoryVDB Entry
- ExploitMailing ListThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия до 8.2.0.0 (исключая)Версия до 4.1.3.0 (исключая)
Одно из
cpe:2.3:a:arubanetworks:airwave:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:aruba_instant:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:aruba_instant:4.2.3.1:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:siemens:scalance_w1750d_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01313
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.
EPSS
Процентиль: 79%
0.01313
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-20