Lucene search

[email protected]NVD:CVE-2023-39267

HistoryAug 29, 2023 - 8:15 p.m.

CVE-2023-39267

2023-08-2920:15:09

[email protected]

web.nvd.nist.gov

authenticated

remote code execution

denial-of-service

arubaos-switch

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

48.2%

JSON

An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch.

Affected configurations

Nvd

Node

hpearubaos-switchRange<a.15.16.0026

hpearubaos-switchRange16.01.0000–16.04.0027

hpearubaos-switchRange16.05.0000–16.08.0027

hpearubaos-switchRange16.10.0001–16.10.0024

hpearubaos-switchRange16.11.0001–16.11.0013

AND

arubanetworksaruba_2530Match-

arubanetworksaruba_2530yaMatch-

arubanetworksaruba_2530ybMatch-

arubanetworksaruba_2540Match-

arubanetworksaruba_2920Match-

arubanetworksaruba_2930fMatch-

arubanetworksaruba_2930mMatch-

arubanetworksaruba_3810mMatch-

arubanetworksaruba_5406r_zl2Match-

arubanetworksaruba_5412r_zl2Match-

VendorProductVersionCPE
hpearubaos-switch*cpe:2.3:o:hpe:arubaos-switch:*:*:*:*:*:*:*:*
arubanetworksaruba_2530-cpe:2.3:h:arubanetworks:aruba_2530:-:*:*:*:*:*:*:*
arubanetworksaruba_2530ya-cpe:2.3:h:arubanetworks:aruba_2530ya:-:*:*:*:*:*:*:*
arubanetworksaruba_2530yb-cpe:2.3:h:arubanetworks:aruba_2530yb:-:*:*:*:*:*:*:*
arubanetworksaruba_2540-cpe:2.3:h:arubanetworks:aruba_2540:-:*:*:*:*:*:*:*
arubanetworksaruba_2920-cpe:2.3:h:arubanetworks:aruba_2920:-:*:*:*:*:*:*:*
arubanetworksaruba_2930f-cpe:2.3:h:arubanetworks:aruba_2930f:-:*:*:*:*:*:*:*
arubanetworksaruba_2930m-cpe:2.3:h:arubanetworks:aruba_2930m:-:*:*:*:*:*:*:*
arubanetworksaruba_3810m-cpe:2.3:h:arubanetworks:aruba_3810m:-:*:*:*:*:*:*:*
arubanetworksaruba_5406r_zl2-cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hpe	arubaos-switch	*	cpe:2.3:o:hpe:arubaos-switch::::::::
arubanetworks	aruba_2530	-	cpe:2.3:h:arubanetworks:aruba_2530:-:::::::*
arubanetworks	aruba_2530ya	-	cpe:2.3:h:arubanetworks:aruba_2530ya:-:::::::*
arubanetworks	aruba_2530yb	-	cpe:2.3:h:arubanetworks:aruba_2530yb:-:::::::*
arubanetworks	aruba_2540	-	cpe:2.3:h:arubanetworks:aruba_2540:-:::::::*
arubanetworks	aruba_2920	-	cpe:2.3:h:arubanetworks:aruba_2920:-:::::::*
arubanetworks	aruba_2930f	-	cpe:2.3:h:arubanetworks:aruba_2930f:-:::::::*
arubanetworks	aruba_2930m	-	cpe:2.3:h:arubanetworks:aruba_2930m:-:::::::*
arubanetworks	aruba_3810m	-	cpe:2.3:h:arubanetworks:aruba_3810m:-:::::::*
arubanetworks	aruba_5406r_zl2	-	cpe:2.3:h:arubanetworks:aruba_5406r_zl2:-:::::::*

Rows per page:

1-10 of 111

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

48.2%

JSON

Related for NVD:CVE-2023-39267

prion1 vulnrichment1 cvelist1 cve1