CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37427

A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability allows an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 67.9%

CVSS Severity

CVSS v3 Score 7.2

References

Products affected by CVE-2023-37427

Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.0.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.0.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.1.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.2.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.2.5

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.5
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.3.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37427

Products

Pricing

Contact Us