CVE-2024-25615
First published: Tue Mar 05 2024(Updated: )
An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HPE ArubaOS | >=8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-25615?
CVE-2024-25615 is classified as a critical Denial-of-Service vulnerability.
How do I fix CVE-2024-25615?
To remediate CVE-2024-25615, upgrade to the latest version of ArubaOS that addresses this vulnerability.
What kind of attack does CVE-2024-25615 enable?
CVE-2024-25615 allows attackers to execute a Denial-of-Service attack against the Spectrum service.
Which versions of ArubaOS are affected by CVE-2024-25615?
ArubaOS versions 8.0 and above are vulnerable to CVE-2024-25615.
Is authentication required to exploit CVE-2024-25615?
No, CVE-2024-25615 can be exploited without authentication.
- agent/references
- agent/description
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/aruba
- canonical/hpe arubaos