Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2016-2031

Published: 31/01/2020 Updated: 10/11/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Arubaos

Vulnerability Summary

Multiple vulnerabilities exists in Aruba Instate prior to 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

arubanetworks arubaos

arubanetworks aruba instant 4.2.3.1

arubanetworks aruba instant

arubanetworks airwave

siemens scalance_w1750d_firmware

Exploits

Exploit DB: Aruba Authentication Bypass / Insecure Transport / Tons Of Issues
Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices The vulnerabilities were discovered during a black box security assessment and therefore the vulnerability list should not be considered exhaustive Several of the high severity vulnerabilities listed in this report are related to the Aruba proprietary PAPI protocol and allo ...

Recent Articles

Aruba! Aruba! Patch now, patch fast!
The Register • Richard Chirgwin • 09 May 2016

Google bug-hunters disclose 26 vulnerabilities

Aruba Networks is slinging patches at a bunch of vulnerabilities in management platforms, its Aruba Instant Platform, and its proprietary ArubaOS PAPI management API. The company posted three advisories here after Google put it on a 90-day deadline, with the Chocolate Factory's Sven Blumenstein dropping a consolidated report of 26 individual vulns at Full Disclosure on Friday. Al are considered “urgent”, according to the HP subsidiary. In a tone of some irritation, Aruba says it's “remindi...

Read more...

References

CWE-20http://seclists.org/fulldisclosure/2016/May/19http://packetstormsecurity.com/files/136997/Aruba-Authentication-Bypass-Insecure-Transport-Tons-Of-Issues.htmlhttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2016-004.txthttps://www.securityfocus.com/bid/90207https://cert-portal.siemens.com/productcert/pdf/ssa-431802.pdfhttps://nvd.nist.govhttps://www.theregister.co.uk/2016/05/09/aruba_aruba_patch_now_patch_fast/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3400CVE-2023-7252CVE-2024-21111denial of serviceCVE-2024-29661CVE-2024-22856remote attackersencryptionCVE-2023-38299
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook