Aruba CloudVision CVE-2024-11186 Improper Access Control Vulnerability Advisory

Critical Vulnerability Information Vulnerability Identifier CVE-ID: CVE-2024-11186 CVSS v3.1 Base Score: 9.9 (AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H) Common Weakness Enumeration: CWE-284 Improper Access Control Affected Software and Platforms Affected CloudVision Versions: - 2024.3.0 and subsequent 2024.3.x versions - 2024.2.1 and subsequent 2024.2.x versions - 2024.1.2 and subsequent 2024.1.x versions - 2023.3.x, 2023.2.x, 2023.1.x, 2022.3.x, 2022.2.x, 2022.1.x, 2021.3.x, 2021.2.x, 2021.1.x, 2020.3.x, 2020.2.x, 2020.1.x, 2019.1.x, 2018.2.x, 2018.1.x, 2017.2.x versions Affected Platforms: - CloudVision Portal, virtual or physical devices Exploitation Requirements The attacker must be able to authenticate to CloudVision. Indicators and Compromise Signs All CLI commands sent to devices are logged in lines starting with "Request to execute:", which can be cross-referenced with device Radius/TACACS logs to detect suspicious activity. Mitigation Measures Add the following configuration at the end of the file on all CVP nodes: Then, run the following command on any node to reload nginx: Solution It is recommended to upgrade to the latest version containing all fixes. Fixed versions include: - 2025.1.0 and subsequent 2025.1.x versions - 2024.3.1 and subsequent 2024.3.x versions - 2024.2.2 and subsequent 2024.2.x versions - 2024.1.3 and subsequent 2024.1.x versions Hotfix No hotfix is available for this issue.

Goal Reached Thanks to every supporter — we hit 100%!

Aruba CloudVision CVE-2024-11186 Improper Access Control Vulnerability Advisory