Vulnerability Details CVE-2022-43542
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.6%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2022-43542
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:8.3.1.0
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:8.3.1.2
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:8.3.2.0
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:9.0.0.0
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:9.0.2.0
-
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:9.1.0.0