HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

November 11, 2024 at 05:39AM Hewlett Packard Enterprise (HPE) released security updates for Aruba Networking Access Point products, addressing critical command injection vulnerabilities (CVE-2024-42509, CVE-2024-47460) that allow unauthenticated remote code execution. Users are advised to enable cluster security or block access to UDP port 8211 and implement management access controls to mitigate risks. **Meeting Takeaways: … Read more

HPE Patches Critical Vulnerabilities in Aruba Access Points

November 8, 2024 at 06:49AM HPE has issued a warning about two critical vulnerabilities in Aruba Networking access points, which could allow for unauthenticated command injection. The company has since released patches to address these security issues. **Meeting Takeaways:** 1. **Company Alert**: HPE has issued a warning regarding two critical vulnerabilities identified in Aruba Networking … Read more

HPE warns of critical RCE flaws in Aruba Networking access points

November 7, 2024 at 10:51AM Hewlett Packard Enterprise (HPE) addressed critical vulnerabilities in Aruba Networking Access Points with updates for AOS-8 and AOS-10 software. Two severe flaws (CVE-2024-42509, CVE-2024-47460) allow remote command injection. Users are advised to update to specific versions and implement workarounds to enhance security. No active exploitation reported. ### Meeting Takeaways: 1. … Read more

HPE patches three critical flaws in Aruba proprietary access protocol Interface

September 26, 2024 at 03:32PM HPE has issued emergency fixes for critical flaws in Aruba access points running AOS-8 and AOS-10. These vulnerabilities, rated 9.8 on the CVSS scale, allow attackers to run code on the systems. The flaws affect specific versions of AOS, and HPE advises upgrading to protect against these vulnerabilities. The discovery … Read more

HPE Aruba Networking fixes critical flaws impacting Access Points

September 26, 2024 at 08:12AM HPE Aruba Networking fixed three critical vulnerabilities in its Aruba Access Points’ Command Line Interface (CLI) service. CVE-2024-42505, CVE-2024-42506, and CVE-2024-42507 with a severity score of 9.8/10 can enable attackers to execute arbitrary code remotely via specially crafted packets. Administrators are advised to upgrade to the latest software to mitigate … Read more

It’s Time to Master the Lift & Shift: Migrating from VMware vSphere to Microsoft Azure

May 15, 2024 at 07:06AM The text discusses the recent push for IT professionals to transition their virtualized infrastructure from VMware vSphere to Microsoft Azure. It outlines a comprehensive guide with steps for planning, executing, and validating the migration process. Additionally, it highlights Zerto as an automated and orchestrated solution for VMware vSphere to Microsoft … Read more

Severe Flaws Disclosed in Brocade SANnav SAN Management Software

April 26, 2024 at 11:12AM Several security vulnerabilities were disclosed in the Brocade SANnav storage area network (SAN) management application, impacting all versions up to and including 2.3.0. These flaws allowed attackers to intercept credentials, execute arbitrary commands, and carry out supply chain attacks. The issues have been addressed in SANnav version 2.3.1 and patches … Read more

HPE Says Russian Government Hackers Had Access to Emails for 6 Months

January 25, 2024 at 05:18AM Hewlett Packard Enterprise (HPE) disclosed that its cloud email environment was targeted by hackers believed to be sponsored by the Russian government. The attack, attributed to the Midnight Blizzard and Cozy Bear threat groups, resulted in unauthorized access and data exfiltration. Microsoft also reported a similar attack by the same … Read more

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

January 25, 2024 at 01:06AM Hewlett Packard Enterprise’s cloud email environment was compromised by hackers connected to the Kremlin, attributed to the Russian state-sponsored group APT29. The breach lasted over six months and is linked to a previous security event involving unauthorized access to SharePoint files. The incident did not impact the company’s operations, according … Read more