A vulnerability allowing improper input handling has been identified in the web-based management interface of HPE Aruba Networking mobility conductors, controllers, and gateways running AOS-10 or AOS-8. This vulnerability could be exploited by an authenticated malicious actor with valid credentials to cause unintended behavior on the affected system.
Exploitation of this vulnerability could lead to arbitrary command execution, unauthorized write access to the file system, or other unintended behaviors, depending on the specific context of the exploitation.
To address this vulnerability, HPE Aruba Networking recommends upgrading to AOS-10.7.2.2 and above, AOS-10.4.1.10 and above, AOS-8.13.1.1 and above, or AOS-8.10.0.21 and above. These updates can be downloaded from the HPE Networking Support Portal.
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.
