CVE-2015-1388

The "RAP console" feature in ArubaOS 5.x through 6.2.x, 6.3.x before 6.3.1.15, and 6.4.x before 6.4.2.4 on Aruba access points in Remote Access Point (AP) mode allows remote attackers to execute arbitrary commands via unspecified vectors.

Published: Mar 24, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-1388
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-78

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
arubanetworks / arubaos	6.1.3.4	6.1.3.4.x
arubanetworks / arubaos	6.3.1.6	6.3.1.6.x
arubanetworks / arubaos	6.2.3.1	6.2.3.1.x
arubanetworks / arubaos	6.2.3.8	6.2.3.8.x
arubanetworks / arubaos	6.4.2.4	6.4.2.4.x
arubanetworks / arubaos	6.4.2.5	6.4.2.5.x
arubanetworks / arubaos	6.2.3.3	6.2.3.3.x
arubanetworks / arubaos	6.3.1.2	6.3.1.2.x
arubanetworks / arubaos	6.3.1.9	6.3.1.9.x
arubanetworks / arubaos	6.2.3.4	6.2.3.4.x
arubanetworks / arubaos	6.3.1.10	6.3.1.10.x
arubanetworks / arubaos	6.2.3.7	6.2.3.7.x
arubanetworks / arubaos	6.4.2.3	6.4.2.3.x
arubanetworks / arubaos	6.3.1.11	6.3.1.11.x
arubanetworks / arubaos	6.1.3.0	6.1.3.0.x
arubanetworks / arubaos	6.3.1	6.3.1.x
arubanetworks / arubaos	6.3.1.7	6.3.1.7.x
arubanetworks / arubaos	-	6.2.3.9.x
arubanetworks / arubaos	6.1.3.8	6.1.3.8.x
arubanetworks / arubaos	6.3.1.1	6.3.1.1.x
arubanetworks / arubaos	6.1.3.5	6.1.3.5.x
arubanetworks / arubaos	6.3.1.4	6.3.1.4.x
arubanetworks / arubaos	6.1.3.1	6.1.3.1.x
arubanetworks / arubaos	6.1.3.3	6.1.3.3.x
arubanetworks / arubaos	6.1.3.9	6.1.3.9.x
arubanetworks / arubaos	6.1.3.6	6.1.3.6.x
arubanetworks / arubaos	6.3.1.13	6.3.1.13.x
arubanetworks / arubaos	6.3.1.12	6.3.1.12.x
arubanetworks / arubaos	6.3.1.3	6.3.1.3.x
arubanetworks / arubaos	6.2.3.6	6.2.3.6.x
arubanetworks / arubaos	6.3.1.5	6.3.1.5.x
arubanetworks / arubaos	6.3.1.14	6.3.1.14.x
arubanetworks / arubaos	6.2.3.2	6.2.3.2.x
arubanetworks / arubaos	6.3.0.0	6.3.0.0.x
arubanetworks / arubaos	6.1.3.7	6.1.3.7.x
arubanetworks / arubaos	6.3.1.8	6.3.1.8.x
arubanetworks / arubaos	6.2.3.5	6.2.3.5.x
arubanetworks / arubaos	6.1.3.2	6.1.3.2.x

http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-004.txt

Vulnerability Database

289,697

CVE-2015-1388