Lucene search
HpeCVELIST:CVE-2023-35975HistoryJul 05, 2023 - 2:46 p.m.
CVE-2023-35975 Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion
2023-07-0514:46:49
hpe
www.cve.org
4
arubaos
cli
path traversal
cve-2023-35975
authenticated
arbitrary file deletion
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
34.1%
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.
CNA Affected
[
{
"defaultStatus": "affected",
"product": "Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central",
"vendor": "Hewlett Packard Enterprise (HPE)",
"versions": [
{
"status": "affected",
"version": "- ArubaOS 10.4.x.x: 10.4.0.1 and below"
},
{
"status": "affected",
"version": "- ArubaOS 8.11.x.x: 8.11.1.0 and below"
},
{
"status": "affected",
"version": "- ArubaOS 8.10.x.x: 8.10.0.6 and below"
},
{
"status": "affected",
"version": "- ArubaOS 8.6.x.x: 8.6.0.20 and below"
}
]
}
]Related
nvd
nvd
CVE-2023-35975
2023-07-05 15:15:09
prion
prion
Path traversal
2023-07-05 15:15:00
cve
cve
CVE-2023-35975
2023-07-05 15:15:09
nessus
nessus
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
AI Score
8.3
Confidence
High
EPSS
0.001
Percentile
34.1%
Related for CVELIST:CVE-2023-35975