{"containers":{"cna":{"affected":[{"product":"Aruba 9000 Gateway","vendor":"n/a","versions":[{"status":"affected","version":"2.1.0.1"},{"status":"affected","version":"2.2.0.0 and below"}]},{"product":"Aruba 7000 Series Mobility Controllers","vendor":"n/a","versions":[{"status":"affected","version":"6.4.4.23"},{"status":"affected","version":"6.5.4.17"},{"status":"affected","version":"8.2.2.9"},{"status":"affected","version":"8.3.0.13"},{"status":"affected","version":"8.5.0.10"},{"status":"affected","version":"8.6.0.5"},{"status":"affected","version":"8.7.0.0 and below"}]},{"product":"Aruba 7200 Series Mobility Controllers","vendor":"n/a","versions":[{"status":"affected","version":"6.4.4.23"},{"status":"affected","version":"6.5.4.17"},{"status":"affected","version":"8.2.2.9"},{"status":"affected","version":"8.3.0.13"},{"status":"affected","version":"8.5.0.10"},{"status":"affected","version":"8.6.0.5"},{"status":"affected","version":"8.7.0.0 and below"}]}],"descriptions":[{"lang":"en","value":"An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below."}],"problemTypes":[{"descriptions":[{"description":"remote injection of arbitrary commands","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-12-11T01:22:50.000Z","orgId":"eb103674-0d28-4225-80f8-39fb86215de0","shortName":"hpe"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security-alert@hpe.com","ID":"CVE-2020-24634","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Aruba 9000 Gateway","version":{"version_data":[{"version_value":"2.1.0.1"},{"version_value":"2.2.0.0 and below"}]}},{"product_name":"Aruba 7000 Series Mobility Controllers","version":{"version_data":[{"version_value":"6.4.4.23"},{"version_value":"6.5.4.17"},{"version_value":"8.2.2.9"},{"version_value":"8.3.0.13"},{"version_value":"8.5.0.10"},{"version_value":"8.6.0.5"},{"version_value":"8.7.0.0 and below"}]}},{"product_name":"Aruba 7200 Series Mobility Controllers","version":{"version_data":[{"version_value":"6.4.4.23"},{"version_value":"6.5.4.17"},{"version_value":"8.2.2.9"},{"version_value":"8.3.0.13"},{"version_value":"8.5.0.10"},{"version_value":"8.6.0.5"},{"version_value":"8.7.0.0 and below"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"remote injection of arbitrary commands"}]}]},"references":{"reference_data":[{"name":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us","refsource":"CONFIRM","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T15:19:09.075Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us"}]}]},"cveMetadata":{"assignerOrgId":"eb103674-0d28-4225-80f8-39fb86215de0","assignerShortName":"hpe","cveId":"CVE-2020-24634","datePublished":"2020-12-11T01:22:50.000Z","dateReserved":"2020-08-25T00:00:00.000Z","dateUpdated":"2024-08-04T15:19:09.075Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}