HPE Product Security Update Advisory

Oct 04 2024

Overview

An update has been released to address vulnerabilities in HPE Products. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-42505, CVE-2024-42506, CVE-2024-42507

AOS-10 versions: AOS-10.6 (inclusive) ~ 10.6.0.2 (inclusive)
AOS-10 versions: AOS-10.4 (inclusive) ~ 10.4.1.3 (inclusive)
Instant AOS-8 versions: Instant AOS-8.12 (inclusive) ~ 8.12.0.1 (inclusive)
Instant AOS-8 versions: Instant AOS-8.10 (inclusive) ~ 8.10.0.13 (inclusive)

Resolved Vulnerabilities

Command Injection vulnerabilities in Aruba Access Points running AOS on HPE Aruba Networking (CVE-2024-42505, CVE-2024-42506, CVE-2024-42507)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. if you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-42505, CVE-2024-42506, CVE-2024-42507

AOS-10 version: 10.6.0.3 or 10.7 later version
AOS-10 version: 10.4.1.4 or 10.6.0.3 or 10.7 later version
Instant AOS-8 version: 8.12.0.2 or later version
Instant AOS-8 version: 8.10.0.14 or later version

References

[1] CVE-2024-42505 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-42505

[2] CVE-2024-42506 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-42506

[3] CVE-2024-42507 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-42507

[4] security bulletin

Https:// support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04712en_us&docLocale=en_US

HPE Product Security Update Advisory

Mozilla Products October 2024 1st Security Update Advisory

Cisco Family October 2024 First Round Security Update Advisory

Tags:

Mozilla Products October 2024 1st Security Update Advisory

Cisco Family October 2024 First Round Security Update Advisory