CVE-2024-42395

There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.

Published: Aug 6, 2024
Updated: Aug 13, 2024
CVE: CVE-2024-42395
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
hp / instantos	8.12.0.0	8.12.0.2
hp / instantos	6.4.0.0	8.10.0.13
arubanetworks / arubaos	10.5.0.0	10.6.0.1
arubanetworks / arubaos	10.3.0.0	10.4.1.4

https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US

Vulnerability Database

289,697

CVE-2024-42395