CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
54.2%
An authenticated remote code execution vulnerability
exists in the AOS-CX Network Analytics Engine. Successful
exploitation of this vulnerability results in the ability to
execute arbitrary code as a privileged user on the underlying
operating system, leading to a complete compromise of the
switch running AOS-CX.
Vendor | Product | Version | CPE |
---|---|---|---|
hpe | arubaos-cx | * | cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:* |
hpe | aruba_cx_10000-48y6 | - | cpe:2.3:h:hpe:aruba_cx_10000-48y6:-:*:*:*:*:*:*:* |
hpe | aruba_cx_6200f_48g | - | cpe:2.3:h:hpe:aruba_cx_6200f_48g:-:*:*:*:*:*:*:* |
hpe | aruba_cx_6200m_24g | - | cpe:2.3:h:hpe:aruba_cx_6200m_24g:-:*:*:*:*:*:*:* |
hpe | aruba_cx_6300m_24p | - | cpe:2.3:h:hpe:aruba_cx_6300m_24p:-:*:*:*:*:*:*:* |
hpe | aruba_cx_6300m_48g | - | cpe:2.3:h:hpe:aruba_cx_6300m_48g:-:*:*:*:*:*:*:* |
hpe | aruba_cx_6405 | - | cpe:2.3:h:hpe:aruba_cx_6405:-:*:*:*:*:*:*:* |
hpe | aruba_cx_6410 | - | cpe:2.3:h:hpe:aruba_cx_6410:-:*:*:*:*:*:*:* |
hpe | aruba_cx_8320-32 | - | cpe:2.3:h:hpe:aruba_cx_8320-32:-:*:*:*:*:*:*:* |
hpe | aruba_cx_8320-48p | - | cpe:2.3:h:hpe:aruba_cx_8320-48p:-:*:*:*:*:*:*:* |
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
54.2%