An arbitrary file download vulnerability has been identified in the CLI binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor operating systems. This vulnerability allows authenticated malicious actors to download arbitrary files by exploiting the issue through carefully crafted methods.
Successful exploitation of this vulnerability could lead to unauthorized access to files on the affected system.
To address this vulnerability, users should upgrade to AOS-10.7.2.1 and above, AOS-10.4.1.9 and above, AOS-8.13.1.0 and above, AOS-8.12.0.6 and above, or AOS-8.10.0.19 and above. These versions include the necessary patches to resolve the vulnerability. For more information, visit the HPE Networking Support Portal.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
