CVE-2008-0150

Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access.

Published: Jan 9, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-0150
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
aruba_networks / aruba_mobility_controllers	2.5.2.11	2.5.2.11.x
aruba_networks / aruba_mobility_controllers	2.5.5.7	2.5.5.7.x
aruba_networks / aruba_mobility_controllers	2.3.6.15	2.3.6.15.x
aruba_networks / aruba_mobility_controllers	-	2.4.8.11-fips.x
aruba_networks / aruba_mobility_controllers	2.5.4.25	2.5.4.25.x
aruba_networks / aruba_mobility_controllers	3.1.1.3	3.1.1.3.x

http://secunia.com/advisories/28357
http://securityreason.com/securityalert/3529
http://www.arubanetworks.com/support/alerts/aid-122207.asc
http://www.securityfocus.com/archive/1/485831/100/0/threaded
http://www.securityfocus.com/bid/27144

Vulnerability Database

289,871

CVE-2008-0150