Lucene search

HpeVULNRICHMENT:CVE-2023-45626

HistoryNov 14, 2023 - 10:58 p.m.

CVE-2023-45626

2023-11-1422:58:35

hpe

github.com

vulnerability

authenticated

highly privileged

arbitrary code execution

boot cycles

CVSS3

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

23.9%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles.

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt

CVSS3

5.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:L

AI Score

7.3

Confidence

Low

EPSS

0.001

Percentile

23.9%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

Related for VULNRICHMENT:CVE-2023-45626