{"cve":{"cve_id":"CVE-2024-42397","is_kev":false,"kev_date_added":null,"kev_vendor_project":null,"kev_product":null,"kev_vulnerability_name":null,"kev_short_description":null,"kev_required_action":null,"kev_due_date":null,"kev_known_ransomware":null,"kev_notes":null,"kev_cwes":null,"epss_score":0.00273,"epss_percentile":0.18902,"epss_as_of":"2026-06-23","description":"Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point.","published_at":"2024-08-06T18:51:57.643000Z","last_modified_at":null,"cvss_v3_score":5.3,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L","cvss_v3_severity":"MEDIUM","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"none","ssvc_automatable":false,"ssvc_technical_impact":"partial","cwes":["CWE-400"],"nvd_references":["https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:39.878444Z","updated_at":"2026-06-29T02:04:49.137859Z"},"effective_severity":"MEDIUM","badges":[],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"N","value_label":"None"},{"metric":"I","name":"Integrity","value":"N","value_label":"None"},{"metric":"A","name":"Availability","value":"L","value_label":"Low"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"hpe-aruba-networking-instantos-and-aruba-access-points-running-arubaos-10","product_name":"HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10","version_start":"Version 8.12.0.0: 8.12.0.1 and below","version_start_inclusive":true,"version_end":"<=8.12.0.1","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:hpe-aruba-networking-instantos-and-aruba-access-points-running-arubaos-10:Version 8.12.0.0: 8.12.0.1 and below:<=8.12.0.1"},{"vendor_slug":"hewlett-packard-enterprise-hpe","vendor_name":"Hewlett Packard Enterprise (HPE)","product_slug":"hpe-aruba-networking-instantos-and-aruba-access-points-running-arubaos-10","product_name":"HPE Aruba Networking InstantOS and Aruba Access Points running ArubaOS 10","version_start":"Version 8.10.0.0: 8.10.0.12 and below","version_start_inclusive":true,"version_end":"<=8.10.0.12","version_end_inclusive":true,"cpe23_uri":"cve5:hewlett-packard-enterprise-hpe:hpe-aruba-networking-instantos-and-aruba-access-points-running-arubaos-10:Version 8.10.0.0: 8.10.0.12 and below:<=8.10.0.12"}],"exploit_refs":[],"news":[],"references":[{"url":"https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04678en_us&docLocale=en_US","source_type":"MISC","tags":[]}],"timeline":[{"type":"published","at":"2024-08-06T18:51:57.643000Z","label":"CVE published","source":null},{"type":"cvss_changed","at":"2026-06-28T17:37:21.133795Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:37:21.133795Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:37:21.133795Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T02:04:49.137859Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:04:49.137859Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T02:04:49.137859Z","label":"SSVC decision revised","source":"vulnrichment"}]}