{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-31483", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2024-04-03T21:21:22.898Z", "datePublished": "2024-05-14T22:37:06.652Z", "dateUpdated": "2024-08-02T01:52:57.245Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"status": "affected", "version": "InstantOS or ArubaOS (access points) 10.5.x.x: 10.5.1.0 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 10.4.x.x: 10.4.1.0 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 8.11.x.x: 8.11.2.1 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 8.10.x.x: 8.10.0.10 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 8.6.x.x: 8.6.0.23 and below."}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Chancen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.</p>"}], "value": "An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2024-05-14T22:37:06.652Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "arubanetworks", "product": "arubaos", "cpes": ["cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "10.5.0.0", "status": "affected", "lessThanOrEqual": "10.5.1.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "arubaos", "cpes": ["cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "10.4.0.0", "status": "affected", "lessThanOrEqual": "10.4.1.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.10.0.0", "status": "affected", "lessThanOrEqual": "8.10.0.10", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.11.0.0", "status": "affected", "lessThanOrEqual": "8.11.2.1", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.6.0.0", "status": "affected", "lessThanOrEqual": "8.6.0.23", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "arubaos", "cpes": ["cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "10.3.0.0", "status": "affected", "lessThan": "10.4.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.9.0.0", "status": "affected", "lessThan": "8.10.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.8.0.0", "status": "affected", "lessThan": "8.9.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.5.0.0", "status": "affected", "lessThan": "8.6.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.7.0.0", "status": "affected", "lessThan": "8.8.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "8.4.0.0", "status": "affected", "lessThan": "8.5.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.5.0.0", "status": "affected", "lessThan": "6.6.0.0", "versionType": "custom"}]}, {"vendor": "arubanetworks", "product": "instant", "cpes": ["cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.4.0.0", "status": "affected", "lessThan": "6.5.0.0", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-15T13:43:52.164471Z", "id": "CVE-2024-31483", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T17:02:29.084Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T01:52:57.245Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-31483", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2024-04-03T21:21:22.898Z", "datePublished": "2024-05-14T22:37:06.652Z", "dateUpdated": "2024-06-06T17:02:29.084Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Aruba InstantOS and Aruba Access Points running ArubaOS 10", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"status": "affected", "version": "InstantOS or ArubaOS (access points) 10.5.x.x: 10.5.1.0 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 10.4.x.x: 10.4.1.0 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 8.11.x.x: 8.11.2.1 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 8.10.x.x: 8.10.0.10 and below."}, {"status": "affected", "version": "InstantOS or ArubaOS (access points) 8.6.x.x: 8.6.0.23 and below."}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Chancen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.</p>"}], "value": "An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2024-05-14T22:37:06.652Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-31483", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-15T13:43:52.164471Z"}}}], "affected": [{"cpes": ["cpe:2.3:o:arubanetworks:arubaos:10.5.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "arubaos", "versions": [{"status": "affected", "version": "10.5.0.0", "versionType": "custom", "lessThanOrEqual": "10.5.1.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:arubaos:10.4.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "arubaos", "versions": [{"status": "affected", "version": "10.4.0.0", "versionType": "custom", "lessThanOrEqual": "10.4.1.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.10.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.10.0.0", "versionType": "custom", "lessThanOrEqual": "8.10.0.10"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.11.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.11.0.0", "versionType": "custom", "lessThanOrEqual": "8.11.2.1"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.6.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.6.0.0", "versionType": "custom", "lessThanOrEqual": "8.6.0.23"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "arubaos", "versions": [{"status": "affected", "version": "10.3.0.0", "lessThan": "10.4.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.9.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.9.0.0", "lessThan": "8.10.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.8.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.8.0.0", "lessThan": "8.9.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.5.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.5.0.0", "lessThan": "8.6.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.7.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.7.0.0", "lessThan": "8.8.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:8.4.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "8.4.0.0", "lessThan": "8.5.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:6.5.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "6.5.0.0", "lessThan": "6.6.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:arubanetworks:instant:6.4.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "instant", "versions": [{"status": "affected", "version": "6.4.0.0", "lessThan": "6.5.0.0", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-15T13:43:33.911Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\n\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n confidencial autenticada en el servicio CLI al que se accede a trav\u00e9s del protocolo PAPI. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de leer archivos arbitrarios en el sistema operativo subyacente."}], "id": "CVE-2024-31483", "lastModified": "2024-05-15T16:40:19.330", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security-alert@hpe.com", "type": "Secondary"}]}, "published": "2024-05-14T23:15:13.097", "references": [{"source": "security-alert@hpe.com", "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Awaiting Analysis"}

{}