mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
117 lines
4.7 KiB
JSON
117 lines
4.7 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-31483",
|
|
"ASSIGNER": "security-alert@hpe.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\n\n"
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Hewlett Packard Enterprise (HPE)",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Aruba InstantOS and Aruba Access Points running ArubaOS 10",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "not down converted",
|
|
"x_cve_json_5_version_data": {
|
|
"versions": [
|
|
{
|
|
"status": "affected",
|
|
"version": "InstantOS or ArubaOS (access points) 10.5.x.x: 10.5.1.0 and below."
|
|
},
|
|
{
|
|
"status": "affected",
|
|
"version": "InstantOS or ArubaOS (access points) 10.4.x.x: 10.4.1.0 and below."
|
|
},
|
|
{
|
|
"status": "affected",
|
|
"version": "InstantOS or ArubaOS (access points) 8.11.x.x: 8.11.2.1 and below."
|
|
},
|
|
{
|
|
"status": "affected",
|
|
"version": "InstantOS or ArubaOS (access points) 8.10.x.x: 8.10.0.10 and below."
|
|
},
|
|
{
|
|
"status": "affected",
|
|
"version": "InstantOS or ArubaOS (access points) 8.6.x.x: 8.6.0.23 and below."
|
|
}
|
|
],
|
|
"defaultStatus": "affected"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt",
|
|
"refsource": "MISC",
|
|
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt"
|
|
}
|
|
]
|
|
},
|
|
"generator": {
|
|
"engine": "Vulnogram 0.1.0-dev"
|
|
},
|
|
"source": {
|
|
"discovery": "UNKNOWN"
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Chancen"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"attackComplexity": "LOW",
|
|
"attackVector": "NETWORK",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 4.9,
|
|
"baseSeverity": "MEDIUM",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "NONE",
|
|
"privilegesRequired": "HIGH",
|
|
"scope": "UNCHANGED",
|
|
"userInteraction": "NONE",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
|
|
"version": "3.1"
|
|
}
|
|
]
|
|
}
|
|
} |