Description
Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Affected products
- Hewlett Packard Enterprise / HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10Version 8.12.0.0: 8.12.0.1 and below – <=8.12.0.1
- Hewlett Packard Enterprise / HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10Version 8.10.0.0: 8.10.0.12 and below – <=8.10.0.12
- Hewlett Packard Enterprise / HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10Version 10.6.0.0: 10.6.0.0 and below – <=10.6.0.0
- Hewlett Packard Enterprise / HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10Version 10.4.0.0: 10.4.1.3 and below – <=10.4.1.3