CVE-2024-33516
First published: Wed May 01 2024(Updated: )
An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HPE ArubaOS |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-33516?
The severity of CVE-2024-33516 is critical, as it allows for unauthenticated Denial of Service attacks.
How do I fix CVE-2024-33516?
To fix CVE-2024-33516, apply the latest security patches provided by Aruba for ArubaOS.
What systems are affected by CVE-2024-33516?
CVE-2024-33516 affects systems running ArubaOS that utilize the PAPI protocol.
What are the potential impacts of CVE-2024-33516?
The potential impacts of CVE-2024-33516 include interruption of normal operations of the affected controllers.
Is CVE-2024-33516 exploitable remotely?
Yes, CVE-2024-33516 can be exploited remotely due to its unauthenticated nature.
- agent/description
- agent/type
- agent/first-publish-date
- agent/author
- agent/severity
- collector/the-register
- source/The Register
- alias/CVE-2024-26305
- alias/CVE-2024-26304
- alias/CVE-2024-33511
- alias/CVE-2024-33512
- alias/CVE-2024-33513
- alias/CVE-2024-33514
- alias/CVE-2024-33515
- alias/CVE-2024-33516
- alias/CVE-2024-33517
- agent/references
- collector/epss-latest
- source/FIRST
- agent/epss
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/aruba
- canonical/hpe arubaos