CVE Vulnerability

CVE-2008-0150

Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access.

6.8 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 6.4

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Scope

References
Link Resource
http://www.arubanetworks.com/support/alerts/aid-122207.asc
http://www.securityfocus.com/bid/27144
http://secunia.com/advisories/28357 Vendor Advisory
http://securityreason.com/securityalert/3529
http://www.securityfocus.com/archive/1/485831/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:aruba_networks:aruba_mobility_controllers:2.5.2.11:*:*:*:*:*:*:*
cpe:2.3:a:aruba_networks:aruba_mobility_controllers:2.5.5.7:*:*:*:*:*:*:*
cpe:2.3:a:aruba_networks:aruba_mobility_controllers:2.3.6.15:*:*:*:*:*:*:*
cpe:2.3:a:aruba_networks:aruba_mobility_controllers:*:*:*:*:*:*:*:*
cpe:2.3:a:aruba_networks:aruba_mobility_controllers:2.5.4.25:*:*:*:*:*:*:*
cpe:2.3:a:aruba_networks:aruba_mobility_controllers:3.1.1.3:*:*:*:*:*:*:*
Information

Published : 2008-01-09 12:46

Updated : 2018-10-15 09:58

NVD link : CVE-2008-0150

Mitre link : CVE-2008-0150

Products Affected
No products.
CWE
CWE-287