What is the severity of CVE-2015-1388?

CVE-2015-1388 has a high severity rating due to the potential for remote code execution.

How do I fix CVE-2015-1388?

To fix CVE-2015-1388, upgrade ArubaOS to version 6.3.1.15 or later, or 6.4.2.4 or later.

Which versions of ArubaOS are affected by CVE-2015-1388?

CVE-2015-1388 affects ArubaOS versions 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4.

What can attackers do by exploiting CVE-2015-1388?

By exploiting CVE-2015-1388, attackers can execute arbitrary commands on affected Aruba access points.

Is there a workaround for CVE-2015-1388?

As of now, the recommended action is to update to a safe version, as there are no known effective workarounds for CVE-2015-1388.

Vulnerability/
CVE-2015-1388

high

7.2

CWE

24/3/2015

6/8/2024

CVE-2015-1388: OS Command Injection

First published: Tue Mar 24 2015(Updated: )

The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Arubanetworks Arubaos	<=6.2.3.9
Arubanetworks Arubaos	=6.1.3.0
Arubanetworks Arubaos	=6.1.3.1
Arubanetworks Arubaos	=6.1.3.2
Arubanetworks Arubaos	=6.1.3.3
Arubanetworks Arubaos	=6.1.3.4
Arubanetworks Arubaos	=6.1.3.5
Arubanetworks Arubaos	=6.1.3.6
Arubanetworks Arubaos	=6.1.3.7
Arubanetworks Arubaos	=6.1.3.8
Arubanetworks Arubaos	=6.1.3.9
Arubanetworks Arubaos	=6.2.3.1
Arubanetworks Arubaos	=6.2.3.2
Arubanetworks Arubaos	=6.2.3.3
Arubanetworks Arubaos	=6.2.3.4
Arubanetworks Arubaos	=6.2.3.5
Arubanetworks Arubaos	=6.2.3.6
Arubanetworks Arubaos	=6.2.3.7
Arubanetworks Arubaos	=6.2.3.8
Arubanetworks Arubaos	=6.3.0.0
Arubanetworks Arubaos	=6.3.1
Arubanetworks Arubaos	=6.3.1.1
Arubanetworks Arubaos	=6.3.1.2
Arubanetworks Arubaos	=6.3.1.3
Arubanetworks Arubaos	=6.3.1.4
Arubanetworks Arubaos	=6.3.1.5
Arubanetworks Arubaos	=6.3.1.6
Arubanetworks Arubaos	=6.3.1.7
Arubanetworks Arubaos	=6.3.1.8
Arubanetworks Arubaos	=6.3.1.9
Arubanetworks Arubaos	=6.3.1.10
Arubanetworks Arubaos	=6.3.1.11
Arubanetworks Arubaos	=6.3.1.12
Arubanetworks Arubaos	=6.3.1.13
Arubanetworks Arubaos	=6.3.1.14
Arubanetworks Arubaos	=6.4.2.3
Arubanetworks Arubaos	=6.4.2.4
Arubanetworks Arubaos	=6.4.2.5

Never miss a vulnerability like this again

Reference Links

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-004.txt

Frequently Asked Questions

What is the severity of CVE-2015-1388?
CVE-2015-1388 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2015-1388?
To fix CVE-2015-1388, upgrade ArubaOS to version 6.3.1.15 or later, or 6.4.2.4 or later.
Which versions of ArubaOS are affected by CVE-2015-1388?
CVE-2015-1388 affects ArubaOS versions 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4.
What can attackers do by exploiting CVE-2015-1388?
By exploiting CVE-2015-1388, attackers can execute arbitrary commands on affected Aruba access points.
Is there a workaround for CVE-2015-1388?
As of now, the recommended action is to update to a safe version, as there are no known effective workarounds for CVE-2015-1388.

collector/nvd-index
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/author
agent/references
agent/weakness
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/source
vendor/arubanetworks
canonical/arubanetworks arubaos
version/arubanetworks arubaos/6.2.3.9
version/arubanetworks arubaos/6.1.3.0
version/arubanetworks arubaos/6.1.3.1
version/arubanetworks arubaos/6.1.3.2
version/arubanetworks arubaos/6.1.3.3
version/arubanetworks arubaos/6.1.3.4
version/arubanetworks arubaos/6.1.3.5
version/arubanetworks arubaos/6.1.3.6
version/arubanetworks arubaos/6.1.3.7
version/arubanetworks arubaos/6.1.3.8
version/arubanetworks arubaos/6.1.3.9
version/arubanetworks arubaos/6.2.3.1
version/arubanetworks arubaos/6.2.3.2
version/arubanetworks arubaos/6.2.3.3
version/arubanetworks arubaos/6.2.3.4
version/arubanetworks arubaos/6.2.3.5
version/arubanetworks arubaos/6.2.3.6
version/arubanetworks arubaos/6.2.3.7
version/arubanetworks arubaos/6.2.3.8
version/arubanetworks arubaos/6.3.0.0
version/arubanetworks arubaos/6.3.1
version/arubanetworks arubaos/6.3.1.1
version/arubanetworks arubaos/6.3.1.2
version/arubanetworks arubaos/6.3.1.3
version/arubanetworks arubaos/6.3.1.4
version/arubanetworks arubaos/6.3.1.5
version/arubanetworks arubaos/6.3.1.6
version/arubanetworks arubaos/6.3.1.7
version/arubanetworks arubaos/6.3.1.8
version/arubanetworks arubaos/6.3.1.9
version/arubanetworks arubaos/6.3.1.10
version/arubanetworks arubaos/6.3.1.11
version/arubanetworks arubaos/6.3.1.12
version/arubanetworks arubaos/6.3.1.13
version/arubanetworks arubaos/6.3.1.14
version/arubanetworks arubaos/6.4.2.3
version/arubanetworks arubaos/6.4.2.4
version/arubanetworks arubaos/6.4.2.5

Frequently Asked Questions

What is the severity of CVE-2015-1388?
CVE-2015-1388 has a high severity rating due to the potential for remote code execution.
How do I fix CVE-2015-1388?
To fix CVE-2015-1388, upgrade ArubaOS to version 6.3.1.15 or later, or 6.4.2.4 or later.
Which versions of ArubaOS are affected by CVE-2015-1388?
CVE-2015-1388 affects ArubaOS versions 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4.
What can attackers do by exploiting CVE-2015-1388?
By exploiting CVE-2015-1388, attackers can execute arbitrary commands on affected Aruba access points.
Is there a workaround for CVE-2015-1388?
As of now, the recommended action is to update to a safe version, as there are no known effective workarounds for CVE-2015-1388.

CVE-2015-1388: OS Command Injection

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2015-1388?

How do I fix CVE-2015-1388?

Which versions of ArubaOS are affected by CVE-2015-1388?

What can attackers do by exploiting CVE-2015-1388?

Is there a workaround for CVE-2015-1388?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2015-1388?

How do I fix CVE-2015-1388?

Which versions of ArubaOS are affected by CVE-2015-1388?

What can attackers do by exploiting CVE-2015-1388?

Is there a workaround for CVE-2015-1388?