Lucene search

HpeVULNRICHMENT:CVE-2023-39267

HistoryAug 29, 2023 - 7:28 p.m.

CVE-2023-39267 Authenticated Denial of Service Vulnerability in ArubaOS-Switch Command Line Interface

2023-08-2919:28:55

hpe

github.com

cve-2023-39267

authenticated

dos

arubaos-switch

command line interface

CVSS3

6.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L

AI Score

7.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch.

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-013.txt

CVSS3

6.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:H/A:L

AI Score

7.7

Confidence

Low

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-39267