{"cve":{"cve_id":"CVE-2024-25614","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00512,"epss_percentile":0.39574,"epss_as_of":"2026-06-23","description":"There is an arbitrary file deletion vulnerability in the CLI used by ArubaOS. Successful exploitation of this vulnerability results in the ability to delete arbitrary files on the underlying operating system, which could lead to denial-of-service conditions and impact the integrity of the controller. \n\n","published_at":"2024-03-05T20:19:09.850000Z","last_modified_at":null,"cvss_v3_score":5.5,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-22"],"nvd_references":["https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:53:59.984910Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"H","value_label":"High"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"L","value_label":"Low"},{"metric":"A","name":"Availability","value":"H","value_label":"High"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 10.5.x.x: 10.5.0.1 and below","version_start_inclusive":true,"version_end":"ArubaOS 10.5.x.x: 10.5.0.1 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 10.5.x.x: 10.5.0.1 and below:ArubaOS 10.5.x.x: 10.5.0.1 and below"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 10.4.x.x: 10.4.0.3 and below","version_start_inclusive":true,"version_end":"ArubaOS 10.4.x.x: 10.4.0.3 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 10.4.x.x: 10.4.0.3 and below:ArubaOS 10.4.x.x: 10.4.0.3 and below"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 8.11.x.x: 8.11.2.0 and below","version_start_inclusive":true,"version_end":"ArubaOS 8.11.x.x: 8.11.2.0 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 8.11.x.x: 8.11.2.0 and below:ArubaOS 8.11.x.x: 8.11.2.0 and below"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 8.10.x.x:  8.10.0.9 and below","version_start_inclusive":true,"version_end":"ArubaOS 8.10.x.x:  8.10.0.9 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 8.10.x.x:  8.10.0.9 and below:ArubaOS 8.10.x.x:  8.10.0.9 and below"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-03-05T20:19:09.850000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:34:24.967237Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:34:24.967237Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:34:24.967237Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:53:59.984910Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:53:59.984910Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:53:59.984910Z","label":"SSVC decision revised","source":"vulnrichment"}]}