CVE-2024-25614: Path Traversal
First published: Tue Mar 05 2024(Updated: )
There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the integrity of the controller.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HPE ArubaOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-25614?
CVE-2024-25614 is considered a high-severity vulnerability due to its potential to allow arbitrary file deletion on the underlying operating system.
How do I fix CVE-2024-25614?
To fix CVE-2024-25614, it is recommended to update ArubaOS to the latest version provided by Aruba Networks.
What are the potential impacts of CVE-2024-25614?
Exploitation of CVE-2024-25614 could lead to denial-of-service conditions and compromise the integrity of affected systems.
Who is affected by CVE-2024-25614?
CVE-2024-25614 affects devices running ArubaOS, particularly those using its CLI features.
What kind of exploitation is possible with CVE-2024-25614?
CVE-2024-25614 allows attackers to delete arbitrary files, which can disrupt system operations and data integrity.
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/aruba
- canonical/hpe arubaos