CVE-2014-7299

EUVD-2014-7170
Unspecified vulnerability in administrative interfaces in ArubaOS 6.3.1.11, 6.3.1.11-FIPS, 6.4.2.1, and 6.4.2.1-FIPS on Aruba controllers allows remote attackers to bypass authentication, and obtain potentially sensitive information or add guest accounts, via an SSH session.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
Affected Products (NVD)
VendorProductVersion
arubanetworksarubaos
6.3.11
arubanetworksarubaos
6.3.11:fips
arubanetworksarubaos
6.4.2.1
arubanetworksarubaos
6.4.2.1:fips
𝑥
= Vulnerable software versions
References
http://www.arubanetworks.com/support/alerts/aid-10072014.txt
http://www.arubanetworks.com/support/alerts/aid-10072014.txt