CVE-2023-30503 Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface

🗓️ 16 May 2023 18:51:40Reported by hpeType

Aruba EdgeConnect Enterprise CLI Remote Code Execution CVE-2023-30503

Reporter	Title	Published	Views	Family All 9
BDU FSTEC	The vulnerability of the command-line interface of the Aruba EdgeConnect Enterprise network management platform allows a attacker to execute arbitrary commands with root privileges.	6 Dec 202300:00	–	bdu_fstec
Circl	CVE-2023-30503	22 Jan 202521:02	–	circl
CNNVD	Aruba Networks EdgeConnect 安全漏洞	16 May 202300:00	–	cnnvd
CVE	CVE-2023-30503	16 May 202318:51	–	cve
EUVD	EUVD-2023-34918	3 Oct 202520:07	–	euvd
NVD	CVE-2023-30503	16 May 202319:15	–	nvd
Prion	Design/Logic Flaw	16 May 202319:15	–	prion
Positive Technologies	PT-2023-7454 · Aruba · Aruba Edgeconnect Enterprise	16 May 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-30503 Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface	16 May 202318:51	–	vulnrichment

[
  {
    "defaultStatus": "affected",
    "product": "Aruba EdgeConnect Enterprise Software",
    "vendor": "Hewlett Packard Enterprise (HPE)",
    "versions": [
      {
        "lessThanOrEqual": "9.2.3.0",
        "status": "affected",
        "version": "ECOS 9.2.x.x",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "9.1.5.0",
        "status": "affected",
        "version": "ECOS 9.1.x.x",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "9.0.8.0",
        "status": "affected",
        "version": "ECOS 9.0.x.x",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "all",
        "status": "affected",
        "version": "ECOS 8.x.x.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
arubanetworks	www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt

07 Jul 2023 14:30Current

9.2High risk

Vulners AI Score9.2

CVSS 3.17.2

EPSS0.00395