CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37440

A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. A successful exploit allows an attacker to enumerate information about the internal structure of the EdgeConnect SD-WAN Orchestrator host leading to potential disclosure of sensitive information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.7%

CVSS Severity

CVSS v3 Score 5.5

References

Products affected by CVE-2023-37440

Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 8.0.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:8.0.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.0.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.0.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.1.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.1.10

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.10
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.1.11

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.11
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.1.9

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.9
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.2.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.0
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.2.10

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.10
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.2.5

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.5
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.2.9

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.9
Arubanetworks » Edgeconnect Sd-Wan Orchestrator » Version: 9.3.0

cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37440

Products

Pricing

Contact Us