Multiple vulnerabilities have been discovered in Aruba Products, the most severe of which could allow for Arbitrary code execution.
Aruba Mobility Conductor is an advanced WLAN deployed as a virtual machine (VM) or installed on an x86-based hardware appliance.
Aruba Mobility Controller is a WLAN hardware controller in a virtualized environment
WLAN Gateways and SD-WAN Gateways managed by Aruba Central
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected service account. Depending on the privileges associated with the service account, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Service accounts that are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
More Stories
chromium-129.0.6668.70-1.fc41
FEDORA-2024-8008ddbd4e Packages in this update: chromium-129.0.6668.70-1.fc41 Update description: Update to 129.0.6668.70 High CVE-2024-9120: Use after free in Dawn High CVE-2024-9121:...
USN-7040-1: ConfigObj vulnerability
It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue...
USN-7039-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
aws-24.0.0-3.fc41
FEDORA-2024-7908ee39a9 Packages in this update: aws-24.0.0-3.fc41 Update description: CVE-2024-41708: Ada Web Server did not use a cryptographically secure pseudorandom number...
USN-7021-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...
aws-24.0.0-3.fc42
FEDORA-2024-b87003097a Packages in this update: aws-24.0.0-3.fc42 Update description: Automatic update for aws-24.0.0-3.fc42. Changelog * Thu Sep 26 2024 Björn Persson...