Main Vulnerability Database Vulnerabilities #VU53246

#VU53246 Improper Authentication in Aruba Instant - CVE-2019-5317

Published: May 14, 2021

Vulnerability identifier: #VU53246

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-5317

CWE-ID: CWE-287

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Aruba Instant

Software vendor:
Aruba Networks

Description

The vulnerability allows a local attacker to bypass authentication process.

The vulnerability exists due to an error in when processing authentication requests. An attacker with physical access can bypass authentication mechanisms and gain access to the Aruba Instant command line interface.

Remediation

Install updates from vendor's website.

External links

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-007.txt

#VU53246 Improper Authentication in Aruba Instant - CVE-2019-5317

Description

Remediation

External links

Please verify you're human