Описание
An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected system.
Уязвимые конфигурации
Конфигурация 1Версия от 6.5.4.0 (включая) до 8.10.0.21 (исключая)Версия от 8.11.0.0 (включая) до 8.13.1.1 (исключая)Версия от 10.3.0.0 (включая) до 10.4.1.10 (исключая)Версия от 10.5.0.0 (включая) до 10.7.2.2 (исключая)
Одно из
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 28%
0.001
Низкий
7.2 High
CVSS3
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 7.2
github
25 дней назад
An improper input handling vulnerability exists in the web-based management interface of mobility conductors running either AOS-10 or AOS-8 operating systems. Successful exploitation could allow an authenticated malicious actor with valid credentials to trigger unintended behavior on the affected system.
EPSS
Процентиль: 28%
0.001
Низкий
7.2 High
CVSS3
Дефекты
CWE-20