Published: 14/02/2007 Updated: 16/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote malicious users to access administrative interfaces or the WLAN.

Vulnerable Product	Search on Vulmon	Subscribe to Product
alcatel-lucent omniaccess wireless 43xx
aruba mobility controller 800
alcatel-lucent omniaccess wireless 6000
aruba mobility controller 200
aruba mobility controller 2400
aruba mobility controller 6000

Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices The vulnerabilities were discovered during a black box security assessment and therefore the vulnerability list should not be considered exhaustive Several of the high severity vulnerabilities listed in this report are related to the Aruba proprietary PAPI protocol and allo ...

CWE-264 http://lists.grok.org.uk/pipermail/full-disclosure/2007-February/052382.html http://www.kb.cert.org/vuls/id/613833 http://www.securityfocus.com/bid/22538 http://secunia.com/advisories/24144 http://securityreason.com/securityalert/2243 http://osvdb.org/33185 https://exchange.xforce.ibmcloud.com/vulnerabilities/32461 http://www.securityfocus.com/archive/1/459927/100/0/threaded https://nvd.nist.gov https://packetstormsecurity.com/files/136997/Aruba-Authentication-Bypass-Insecure-Transport-Tons-Of-Issues.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0932

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect