PT-2008-1803 · Aruba · Aruba Mobility Controller

Robbie Gill

Published

2008-01-09

Updated

2018-10-15

CVE-2008-0150

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Aruba Mobility Controller versions 2.3.6.15 through 2.5.5.7 Aruba Mobility Controller version 2.4.8.11-FIPS

Description The issue concerns an unspecified vulnerability in the LDAP authentication feature. This vulnerability allows remote attackers to bypass authentication mechanisms, potentially obtaining management or VPN interface access.

Recommendations For Aruba Mobility Controller versions 2.3.6.15 through 2.5.5.7, update to a version later than 2.5.5.7 to resolve the issue. For Aruba Mobility Controller version 2.4.8.11-FIPS, update to a version later than 2.4.8.11-FIPS to resolve the issue.

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2008-0150

Affected Products

Aruba Mobility Controller

PT-2008-1803 · Aruba · Aruba Mobility Controller

CVE-2008-0150

Weakness Enumeration

Related Identifiers

Affected Products

References · 7