A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying hos
Reporter | Title | Published | Views | Family All 3 |
---|---|---|---|---|
![]() | CVE-2022-44534 | 5 Jan 202307:15 | – | nvd |
![]() | Authentication flaw | 5 Jan 202307:15 | – | prion |
![]() | CVE-2022-44534 | 5 Jan 202307:15 | – | cve |
[
{
"defaultStatus": "unaffected",
"product": "Aruba EdgeConnect Enterprise Orchestration Software",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators - Orchestrator 9.2.1.40179 and below, - Orchestrator 9.1.4.40436 and below, - Orchestrator 9.0.7.40110 and below, - Orchestrator 8.10.23.40015 and below, - Any older branches of Orchestrator not specifically mentioned."
}
]
}
]
Source | Link |
---|---|
arubanetworks | www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt |
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo