CVE-2024-25616

CVSS 3.1 Score 3.7 of 10 (low)

Details

Published Mar 5, 2024

Updated: Mar 6, 2024

Summary

CVE-2024-25616 refers to a vulnerability in ArubaOS where, under specific configurations, sensitive information may be partially disclosed during the IKE_AUTH negotiation process. The disclosure of this information is contingent on intricate scenarios that lie beyond the attacker's control. Aruba has identified this issue and is urging users to verify their configurations to mitigate potential risks. The vulnerability could lead to unintended information exposure, but further details on the extent and impact of the issue are not currently available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uczvcO
https://www.cve.org/CVERecord?id=CVE-2024-25616
https://nvd.nist.gov/vuln/detail/CVE-2024-25616

Back to Vulnerability Database

CVE-2024-25616

CVSS 3.1 Score 3.7 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations