Vulnerability Details CVE-2022-23678
A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system versions: 4.3.0 build 2208101 and below. Aruba has released upgrades for Virtual Intranet Access (VIA) Client that address this security vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.7%
CVSS Severity
CVSS v3 Score 5.9
References
Products affected by CVE-2022-23678
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.0.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.1.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.2.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.2.1
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.2.2
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.2.3
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.2.4
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.3.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.3.1
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.3.2
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.4.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.4.1
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:3.4.2
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.0.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.0.1
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.0.2
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.0.3
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.1.0
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.1.1
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.1.2
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.1.3
-
cpe:2.3:a:hp:aruba_virtual_intranet_access:4.2.0
-
cpe:2.3:o:microsoft:windows:-