CVE-2023-22757 Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes

🗓️ 28 Feb 2023 16:36:54Reported by hpeType

Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes lead to remote code execution via PAPI protoco

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability in the implementation of the PAPI network protocol for ArubaOS operating systems allows a hacker to execute arbitrary code.	15 Mar 202300:00	–	bdu_fstec
Circl	CVE-2023-22757	1 Mar 202312:39	–	circl
CNNVD	Aruba Networks ArubaOS 安全漏洞	1 Mar 202300:00	–	cnnvd
CVE	CVE-2023-22757	28 Feb 202316:36	–	cve
EUVD	EUVD-2023-26875	3 Oct 202520:07	–	euvd
NCSC	Vulnerabilities fixed in Aruba Networks OS	2 Mar 202300:00	–	ncsc
NVD	CVE-2023-22757	1 Mar 202308:15	–	nvd
Prion	Buffer overflow	1 Mar 202308:15	–	prion
Positive Technologies	PT-2023-1679 · Aruba · Arubaos	28 Feb 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-22757 Unauthenticated Buffer Overflow Vulnerabilities in ArubaOS Processes	28 Feb 202316:36	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "status": "affected",
        "version": "ArubaOS 8.10.x.x:   8.10.0.4 and below"
      },
      {
        "status": "affected",
        "version": "ArubaOS 10.3.x.x:  10.3.1.0 and below"
      },
      {
        "status": "affected",
        "version": "SD-WAN 8.7.0.0-2.3.0.x:  8.7.0.0-2.3.0.8 and below"
      }
    ]
  }
]

Source	Link
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

07 Mar 2023 15:53Current

10High risk

Vulners AI Score10

CVSS 3.18.1

EPSS0.00425