Vulnerabilities > CVE-2008-5563 - Resource Management Errors vulnerability in multiple products

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

aruba-networks

arubanetworks

CWE-399

NVD

Published: 2008-12-15

Updated: 2018-10-11

Summary

Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. http://secunia.com/advisories/33057 Note: When using wireless, this only affects devices running in WPA/WPA2 Enterprise modes. The vulnerability is reported in ArubaOS 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x.

Vulnerable Configurations

Part	Description	Count
OS	Aruba_Networks Aruba Networks Aruba Mobility Controller 2.4.8 Aruba Networks Aruba Mobility Controller 2.4.8.5 Aruba Networks Aruba Mobility Controller 2.4.8.6 Aruba Networks Aruba Mobility Controller 2.4.8.11 Aruba Networks Aruba Mobility Controller 2.5.2.11 Aruba Networks Aruba Mobility Controller 2.5.4.17 Aruba Networks Aruba Mobility Controller 2.5.4.18 Aruba Networks Aruba Mobility Controller 2.5.4.25 Aruba Networks Aruba Mobility Controller 2.5.5 Aruba Networks Aruba Mobility Controller 2.5.5.7 Aruba Networks Aruba Mobility Controller 2.5.6 Aruba Networks Aruba Mobility Controller 3.1.1 Aruba Networks Aruba Mobility Controllers 3.1.1.3	13
OS	Arubanetworks Arubanetworks Aruba Mobility Controller 3.1.1.0 Arubanetworks Aruba Mobility Controller 3.1.1.3 Arubanetworks Aruba Mobility Controller 3.2.0.0 Arubanetworks Aruba Mobility Controller 3.3.1.0 Arubanetworks Aruba Mobility Controller 3.3.1.6	5

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References