Описание
There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.
Уязвимые конфигурации
Конфигурация 1Версия от 10.3.0.0 (включая) до 10.4.1.4 (исключая)Версия от 10.5.0.0 (включая) до 10.6.0.1 (исключая)Версия от 6.4.0.0 (включая) до 8.10.0.13 (исключая)Версия от 8.12.0.0 (включая) до 8.12.0.2 (исключая)
Одно из
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*
cpe:2.3:o:hp:instantos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 50%
0.00266
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-787
CWE-295
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.
EPSS
Процентиль: 50%
0.00266
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-787
CWE-295