CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22758

Authenticated remote command injection vulnerabilities exist in the ArubaOS web-based management interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.4%

CVSS Severity

CVSS v3 Score 7.2

References

Products affected by CVE-2023-22758

Arubanetworks » Sd-Wan » Version: Any

cpe:2.3:a:arubanetworks:sd-wan:*
Arubanetworks » Arubaos » Version: 10.3.0.0

cpe:2.3:o:arubanetworks:arubaos:10.3.0.0
Arubanetworks » Arubaos » Version: 10.3.1.0

cpe:2.3:o:arubanetworks:arubaos:10.3.1.0
Arubanetworks » Arubaos » Version: 8.10.0.0

cpe:2.3:o:arubanetworks:arubaos:8.10.0.0
Arubanetworks » Arubaos » Version: 8.6.0.0

cpe:2.3:o:arubanetworks:arubaos:8.6.0.0
Arubanetworks » Arubaos » Version: 8.6.0.11

cpe:2.3:o:arubanetworks:arubaos:8.6.0.11
Arubanetworks » Arubaos » Version: 8.6.0.5

cpe:2.3:o:arubanetworks:arubaos:8.6.0.5
Arubanetworks » Arubaos » Version: 8.6.0.6

cpe:2.3:o:arubanetworks:arubaos:8.6.0.6
Arubanetworks » Arubaos » Version: 8.6.0.7

cpe:2.3:o:arubanetworks:arubaos:8.6.0.7
Arubanetworks » Arubaos » Version: 8.6.0.8

cpe:2.3:o:arubanetworks:arubaos:8.6.0.8
Arubanetworks » Arubaos » Version: 8.6.0.9

cpe:2.3:o:arubanetworks:arubaos:8.6.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22758

Products

Pricing

Contact Us