← Back

CVE-2016-2031

nvd nist
Published: Jan 31, 2020Modified: Nov 21, 2024

JSON object

Loading...
9.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 / Impact: 5.9
Source: NVD

Description

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.

Affected (5)

Arubanetworks
3 products
Airwave
Aruba Instant
Arubaos
Siemens
1 product
Scalance W1750d Firmware
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Airwave
Before 8.2.0.0
Arubanetworks
Aruba Instant
Before 4.1.3.0
Aruba Instant
Version 4.2.3.1
Arubaos
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Scalance W1750d Firmware
All versions
Running on/withPlatform Versions
Siemens
Scalance W1750d
All versions

Related CWEs

CWE-20
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

Source: cve@mitre.org
ExploitThird Party AdvisoryVDB Entry
Source: cve@mitre.org
ExploitMailing ListThird Party Advisory
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

Timeline

No history available yet.