PT-2008-1803 · Aruba · Aruba Mobility Controller

Robbie Gill

Publicado

2008-01-09

Atualizado

2018-10-15

CVE-2008-0150

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Aruba Mobility Controller versions 2.3.6.15 through 2.5.5.7 Aruba Mobility Controller version 2.4.8.11-FIPS

Description The issue concerns an unspecified vulnerability in the LDAP authentication feature. This vulnerability allows remote attackers to bypass authentication mechanisms, potentially obtaining management or VPN interface access.

Recommendations For Aruba Mobility Controller versions 2.3.6.15 through 2.5.5.7, update to a version later than 2.5.5.7 to resolve the issue. For Aruba Mobility Controller version 2.4.8.11-FIPS, update to a version later than 2.4.8.11-FIPS to resolve the issue.

Correção

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2008-0150

Produtos afetados

Aruba Mobility Controller

PT-2008-1803 · Aruba · Aruba Mobility Controller

CVE-2008-0150

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7