CVE-2023-22784

🗓️ 08 May 2023 14:03:51Reported by hpeType

Buffer overflow vulnerabilities in multiple services, allowing unauthenticated remote code execution via specially crafted packets to PAPI UDP port (8211)

Reporter	Title	Published	Views	Family All 13
Tenable Nessus	ArubaOS 10 < 10.4.0.0 Multiple Vulnerabilities (ARUBA-PSA-2023-006)	12 May 202300:00	–	nessus
Tenable Nessus	Siemens SCALANCE W1750D Buffer Overflow (CVE-2023-22784)	21 Mar 202400:00	–	nessus
Circl	CVE-2023-22784	8 May 202318:37	–	circl
CNNVD	Aruba Networks InstantOS 安全漏洞	8 May 202300:00	–	cnnvd
Cvelist	CVE-2023-22784 Unauthenticated Buffer Overflow Vulnerabilities in Services Accessed by the PAPI Protocol	8 May 202314:03	–	cvelist
EUVD	EUVD-2023-26902	3 Oct 202520:07	–	euvd
ICS	Siemens SCALANCE W1750D	10 Oct 202300:00	–	ics
NCSC	Vulnerabilities fixed in Aruba Networks ArubaOS and InstantOS	11 May 202300:00	–	ncsc
NVD	CVE-2023-22784	8 May 202315:15	–	nvd
OSV	CVE-2023-22784	8 May 202315:15	–	osv

NVD

Node

hp arubaosRange10.3.0.0–10.3.1.0

hp instantosRange6.4.0.0–6.4.4.8-4.2.4.20

hp instantosRange6.5.0.0–6.5.4.23

hp instantosRange8.4.0.0–8.6.0.0

hp instantosRange8.6.0.0–8.6.0.19

hp instantosRange8.7.0.0–8.9.0.0

hp instantosRange8.10.0.0–8.10.0.4

[
  {
    "defaultStatus": "affected",
    "product": "Aruba Access Points running InstantOS and ArubaOS 10",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "InstantOS 8.10.x.x:   8.10.0.2 and below"
      },
      {
        "status": "affected",
        "version": "ArubaOS 10.3.x.x:  10.3.1.4 and below"
      },
      {
        "status": "affected",
        "version": "See reference document for further details"
      }
    ]
  }
]

Source	Link
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt

31 Jan 2025 18:15Current

9.9High risk

Vulners AI Score9.9

CVSS 3.19.8

EPSS0.00978

SSVC

CWE-120