CVE-2022-37913

🗓️ 28 Oct 2022 00:00:00Reported by hpeType

Vulnerabilities in Aruba EdgeConnect Orchestrato

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability in the web interface of the Aruba EdgeConnect Enterprise Orchestrator platform allows a hacker to bypass security restrictions and gain increased privileges.	9 Dec 202200:00	–	bdu_fstec
Circl	CVE-2022-37913	13 Oct 202220:00	–	circl
CNNVD	Aruba Networks EdgeConnect Enterprise Orchestrator 授权问题漏洞	28 Oct 202200:00	–	cnnvd
CVE	CVE-2022-37913	28 Oct 202200:00	–	cve
EUVD	EUVD-2022-40520	3 Oct 202520:07	–	euvd
NVD	CVE-2022-37913	28 Oct 202202:15	–	nvd
Prion	Authentication flaw	28 Oct 202202:15	–	prion
Positive Technologies	PT-2022-5797 · Aruba · Aruba Edgeconnect Enterprise Orchestrator	11 Oct 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-37913	9 Jan 202610:50	–	redhatcve
Vulnrichment	CVE-2022-37913	28 Oct 202200:00	–	vulnrichment

[
  {
    "vendor": "n/a",
    "product": "Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators",
    "versions": [
      {
        "version": "Orchestrator 9.1.2.40051 and below",
        "status": "affected"
      },
      {
        "version": "Orchestrator 9.0.7.40108 and below",
        "status": "affected"
      },
      {
        "version": "Orchestrator 8.10.23.40009 and below",
        "status": "affected"
      },
      {
        "version": "Any older branches of Orchestrator not specifically mentioned",
        "status": "affected"
      }
    ]
  }
]

Source	Link
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt

28 Oct 2022 00:00Current

10High risk

Vulners AI Score10

EPSS0.05057