Vulnerability Note VU#613833
Aruba Mobility Controller vulnerable to privilege escalation
The Aruba Mobility Controller Management Interface contains a privilege escalation vulnerability. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable system.
The Aruba Mobility Controllers are used to process and control network traffic in a wireless network. The Aruba Mobility Controller Management Interface is a utility used to configure and manage the Aruba Mobility Controllers. The management interface can be accessed via a command line or a web-based interface.
The Aruba Mobility Controller contains an guest account, which is intended to have restricted privileges on the Mobility Controller. However, due to an unspecified implementation error, an attacker with access to the guest account may be able to gain administrative privileges on the Mobility Controller.
A remote attacker may be able to gain administrative privileges on the Aruba Mobility Controller.
Apply a patch from Aruba
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|Aruba Networks, Inc.||Affected||09 Feb 2007||13 Feb 2007|
CVSS Metrics (Learn More)
This vulnerability was reported by Aruba Networks.
This document was written by Jeff Gennari.
- CVE IDs: Unknown
- Date Public: 12 Feb 2007
- Date First Published: 13 Feb 2007
- Date Last Updated: 13 Feb 2007
- Severity Metric: 4.68
- Document Revision: 14
If you have feedback, comments, or additional information about this vulnerability, please send us email.