Vulnerability Details CVE-2023-3718
An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user on the affected switch. This allows an attacker to fully compromise the underlying operating system on the device running AOS-CX.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 76.9%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2023-3718
-
cpe:2.3:h:hpe:aruba_cx_10000-48y6:-
-
cpe:2.3:h:hpe:aruba_cx_4100i:-
-
cpe:2.3:h:hpe:aruba_cx_6000_12g:-
-
cpe:2.3:h:hpe:aruba_cx_6000_24g:-
-
cpe:2.3:h:hpe:aruba_cx_6000_48g:-
-
cpe:2.3:h:hpe:aruba_cx_6100:-
-
cpe:2.3:h:hpe:aruba_cx_6200f:-
-
cpe:2.3:h:hpe:aruba_cx_6200f_48g:-
-
cpe:2.3:h:hpe:aruba_cx_6200m:-
-
cpe:2.3:h:hpe:aruba_cx_6200m_24g:-
-
cpe:2.3:h:hpe:aruba_cx_6300m_24p:-
-
cpe:2.3:h:hpe:aruba_cx_6300m_48g:-
-
cpe:2.3:h:hpe:aruba_cx_6405:-
-
cpe:2.3:h:hpe:aruba_cx_6410:-
-
cpe:2.3:h:hpe:aruba_cx_8320-32:-
-
cpe:2.3:h:hpe:aruba_cx_8320-48p:-
-
cpe:2.3:h:hpe:aruba_cx_8325-32c:-
-
cpe:2.3:h:hpe:aruba_cx_8325-48y8c:-
-
cpe:2.3:h:hpe:aruba_cx_8360-12c:-
-
cpe:2.3:h:hpe:aruba_cx_8360-16y2c:-
-
cpe:2.3:h:hpe:aruba_cx_8360-24xf2c:-
-
cpe:2.3:h:hpe:aruba_cx_8360-32y4c:-
-
cpe:2.3:h:hpe:aruba_cx_8360-48xt4c:-
-
cpe:2.3:h:hpe:aruba_cx_8360-48y6c:-
-
cpe:2.3:h:hpe:aruba_cx_8400:-
-
cpe:2.3:h:hpe:aruba_cx_9300_32d:-
-
cpe:2.3:o:hpe:arubaos-cx:*
-
cpe:2.3:o:hpe:arubaos-cx:10.10.0000
-
cpe:2.3:o:hpe:arubaos-cx:10.10.1020
-
cpe:2.3:o:hpe:arubaos-cx:10.10.1030