An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying host operating system.
Metrics
Affected Vendors & Products
References
History
Wed, 06 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Arubanetworks
Arubanetworks arubaos Arubanetworks instant |
|
Weaknesses | CWE-77 | |
CPEs | cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* cpe:2.3:o:arubanetworks:instant:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Arubanetworks
Arubanetworks arubaos Arubanetworks instant |
|
Metrics |
ssvc
|
Tue, 05 Nov 2024 23:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command line interface. A successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying host operating system. | |
Title | Authenticated Arbitrary Remote Command Execution (RCE) in Instant AOS-8 and AOS-10 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: hpe
Published: 2024-11-05T22:54:12.794Z
Updated: 2024-11-09T04:55:49.787Z
Reserved: 2024-09-24T18:13:23.209Z
Link: CVE-2024-47461
Vulnrichment
Updated: 2024-11-06T15:45:12.665Z
NVD
Status : Awaiting Analysis
Published: 2024-11-05T23:15:03.787
Modified: 2024-11-06T18:17:17.287
Link: CVE-2024-47461
Redhat
No data.