vulnerability

Aruba AOS-CX: CVE-2024-6387: Race Condition in OpenSSH-server Leading to Unauthenticated Remote Code Execution

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
9	(AV:N/AC:M/Au:N/C:C/I:C/A:C)	Jul 9, 2024	Feb 24, 2025	Jul 3, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:C/A:C)

Published

Jul 9, 2024

Added

Feb 24, 2025

Modified

Jul 3, 2025

Description

A security regression of (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to OpenSSH sshd to handle some signals in an unsafe manner. An unauthenticated remote attacker may be able to trigger this vulnerable condition by failing to authenticate within a set time.

Solution

aruba-aos-cx-cve-2024-6387

References

CVE-2024-6387
https://attackerkb.com/topics/CVE-2024-6387
URL-https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04669.json
CWE-364
CWE-362

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today