A command injection vulnerability has been identified in the web-based management interface of HPE Aruba Networking mobility conductors running the AOS-8 operating system. This vulnerability allows authenticated malicious actors to execute arbitrary commands as privileged users on the underlying operating system.
Exploitation of this vulnerability could lead to unauthorized command execution with elevated privileges on the affected system's operating system.
To address this vulnerability, upgrade to AOS-8.13.1.1 or above. For versions prior to AOS-8.13.1.1, consult the HPE Aruba Networking Support Portal for available updates.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
