CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
9.0%
An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.
[
{
"defaultStatus": "affected",
"product": "Aruba InstantOS and Aruba Access Points running ArubaOS 10",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "InstantOS or ArubaOS (access points) 10.5.x.x: 10.5.1.0 and below."
},
{
"status": "affected",
"version": "InstantOS or ArubaOS (access points) 10.4.x.x: 10.4.1.0 and below."
},
{
"status": "affected",
"version": "InstantOS or ArubaOS (access points) 8.11.x.x: 8.11.2.1 and below."
},
{
"status": "affected",
"version": "InstantOS or ArubaOS (access points) 8.10.x.x: 8.10.0.10 and below."
},
{
"status": "affected",
"version": "InstantOS or ArubaOS (access points) 8.6.x.x: 8.6.0.23 and below."
}
]
}
]