Command injection

2022-12-1213:15:00

PRIOn knowledge base

www.prio-n.com

arubaos

command injection

authenticated vulnerability

arbitrary commands

privileged user

9.1 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.4%

JSON

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

CPENameOperatorVersion
arubaosge8.7.0.0
arubaoslt8.7.1.9
arubaosge6.5.4.0
arubaoslt6.5.4.22
arubaosge8.4.0.0
arubaoslt8.6.0.17
arubaosge8.8.0.0
arubaoslt10.3.0.1
sd-waneq>= 8.7.0.02.3.0.0 AND < 8.7.0.02.3.0.6

Name	Operator	Version
arubaos	ge	8.7.0.0
arubaos	lt	8.7.1.9
arubaos	ge	6.5.4.0
arubaos	lt	6.5.4.22
arubaos	ge	8.4.0.0
arubaos	lt	8.6.0.17
arubaos	ge	8.8.0.0
arubaos	lt	10.3.0.1
sd-wan	eq	>= 8.7.0.02.3.0.0 AND < 8.7.0.02.3.0.6

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt