Lucene search

[email protected]NVD:CVE-2023-22766

HistoryMar 01, 2023 - 8:15 a.m.

CVE-2023-22766

2023-03-0108:15:13

CWE-77

[email protected]

web.nvd.nist.gov

arubaos

command injection

cve-2023-22766

authenticated vulnerability

arbitrary commands

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.1%

JSON

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Affected configurations

NVD

Node

arubanetworksarubaosRange8.6.0.0–8.6.0.19

arubanetworksarubaosRange8.10.0.0–8.10.0.4

arubanetworksarubaosRange10.3.0.0–10.3.1.0

AND

arubanetworks7010Match-

arubanetworks7030Match-

arubanetworks7205Match-

arubanetworks7210Match-

arubanetworks7220Match-

arubanetworks7240xmMatch-

arubanetworks7280Match-

arubanetworks9004Match-

arubanetworks9004-lteMatch-

arubanetworks9012Match-

arubanetworksmc-va-10Match-

arubanetworksmc-va-1kMatch-

arubanetworksmc-va-250Match-

arubanetworksmc-va-50Match-

arubanetworksmcr-hw-10kMatch-

arubanetworksmcr-hw-1kMatch-

arubanetworksmcr-hw-5kMatch-

arubanetworksmcr-va-10kMatch-

arubanetworksmcr-va-1kMatch-

arubanetworksmcr-va-50Match-

arubanetworksmcr-va-500Match-

arubanetworksmcr-va-5kMatch-

Node

arubanetworkssd-wanRange8.7.0.0-2.3.0.0–8.7.0.0-2.3.0.8

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

7.7 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.1%

JSON

Related for NVD:CVE-2023-22766

cve1 cvelist1 prion1