Description
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Affected products
- Hewlett Packard Enterprise (HPE) / ArubaOS Wi-Fi Controllers and Campus/Remote Access PointsArubaOS 10.5.x.x: 10.5.0.1 and below – ArubaOS 10.5.x.x: 10.5.0.1 and below
- Hewlett Packard Enterprise (HPE) / ArubaOS Wi-Fi Controllers and Campus/Remote Access PointsArubaOS 10.4.x.x: 10.4.0.3 and below – ArubaOS 10.4.x.x: 10.4.0.3 and below
- Hewlett Packard Enterprise (HPE) / ArubaOS Wi-Fi Controllers and Campus/Remote Access PointsArubaOS 8.11.x.x: 8.11.2.0 and below – ArubaOS 8.11.x.x: 8.11.2.0 and below
- Hewlett Packard Enterprise (HPE) / ArubaOS Wi-Fi Controllers and Campus/Remote Access PointsArubaOS 8.10.x.x: 8.10.0.9 and below – ArubaOS 8.10.x.x: 8.10.0.9 and below