PT-2024-2047 · Aruba · Arubaos

Xiaoc · Published 2024-03-05 · Updated 2024-03-06 · CVE-2024-25615

CVSS v3.1: 5.3 Medium

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions

ArubaOS versions 8.x

Description

The issue is related to insufficient input validation in the Spectrum service of ArubaOS, which can be exploited by a remote attacker to cause a denial-of-service (DoS) using the PAPI protocol. Successful exploitation allows an attacker to interrupt the normal operation of the affected service.

Recommendations

For ArubaOS version 8.x, update to a version that includes a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to the Spectrum service via the PAPI protocol to minimize the risk of exploitation.

Fix

Resource Exhaustion

RCE

Weakness Enumeration

Related Identifiers

BDU:2024-01925
CVE-2024-25615

Affected Products

Arubaos