This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.
The version of ArubaOS has an authentication bypass vulnerability.
The version of ArubaOS has an unspecified vulnerability that allows a
remote attacker to obtain limited administrative privileges without
valid credentials. The vulnerability affects access over SSH. However,
access through WebUI and the serial port is not affected, and the
vulnerability does not provide 'root' level access, although it could
allow the following activities :
- Issue 'show' commands.
- Obtain encrypted password hashes for administrative
- View the running configuration.
- Add users to the internal user database with 'guest'
See also :
Upgrade to 188.8.131.52 / 184.108.40.206 or downgrade to 220.127.116.11 / 18.104.22.168.
Risk factor :
High / CVSS Base Score : 7.5