Command injection

2022-12-1213:15:00

PRIOn knowledge base

www.prio-n.com

arubaos

command injection

authenticated

vulnerability

exploitation

arbitrary commands

privileged user

nvd

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.3%

JSON

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

CPENameOperatorVersion
arubaosge6.5.4.0
arubaoslt6.5.4.23
arubaosge8.4.0.0
arubaoslt8.6.0.18
arubaosge8.7.0.0
arubaoslt8.7.1.10
arubaosge8.8.0.0
arubaosle8.9.0.3
arubaoseq10.3.0.0
sd-waneq>= 8.7.0.02.3.0.0 AND < 8.7.0.02.3.0.7

Name	Operator	Version
arubaos	ge	6.5.4.0
arubaos	lt	6.5.4.23
arubaos	ge	8.4.0.0
arubaos	lt	8.6.0.18
arubaos	ge	8.7.0.0
arubaos	lt	8.7.1.10
arubaos	ge	8.8.0.0
arubaos	le	8.9.0.3
arubaos	eq	10.3.0.0
sd-wan	eq	>= 8.7.0.02.3.0.0 AND < 8.7.0.02.3.0.7

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt