{"cve":{"cve_id":"CVE-2024-25615","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00466,"epss_percentile":0.36754,"epss_as_of":"2026-06-23","description":" An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Spectrum service accessed via the PAPI protocol in ArubaOS 8.x. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service.\n\n","published_at":"2024-03-05T20:19:54.342000Z","last_modified_at":null,"cvss_v3_score":5.3,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":true,"ssvc_technical_impact":"partial","cwes":["CWE-400"],"nvd_references":["https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T01:53:59.984910Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 10.5.x.x: 10.5.0.1 and below","version_start_inclusive":true,"version_end":"ArubaOS 10.5.x.x: 10.5.0.1 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 10.5.x.x: 10.5.0.1 and below:ArubaOS 10.5.x.x: 10.5.0.1 and below"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 10.4.x.x: 10.4.0.3 and below","version_start_inclusive":true,"version_end":"ArubaOS 10.4.x.x: 10.4.0.3 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 10.4.x.x: 10.4.0.3 and below:ArubaOS 10.4.x.x: 10.4.0.3 and below"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 8.11.x.x: 8.11.2.0 and below","version_start_inclusive":true,"version_end":"ArubaOS 8.11.x.x: 8.11.2.0 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 8.11.x.x: 8.11.2.0 and below:ArubaOS 8.11.x.x: 8.11.2.0 and below"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"arubaos-wi-fi-controllers-and-campus-remote-access-points","product_name":"ArubaOS Wi-Fi Controllers and Campus/Remote Access Points","version_start":"ArubaOS 8.10.x.x:  8.10.0.9 and below","version_start_inclusive":true,"version_end":"ArubaOS 8.10.x.x:  8.10.0.9 and below","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:arubaos-wi-fi-controllers-and-campus-remote-access-points:ArubaOS 8.10.x.x:  8.10.0.9 and below:ArubaOS 8.10.x.x:  8.10.0.9 and below"}],"exploit_refs":[],"news":[],"references":[{"url":"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-002.txt","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-03-05T20:19:54.342000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:34:24.967237Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:34:24.967237Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:34:24.967237Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:53:59.984910Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:53:59.984910Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:53:59.984910Z","label":"SSVC decision revised","source":"vulnrichment"}]}