CVE-2022-23683 in ArubaOS-CXthông tin

Tóm tắt

Bởi MITRE • 06/09/2022

Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system, leading to a complete compromise of the switch running AOS-CX in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1030 and below, AOS-CX 10.08.xxxx: 10.08.1070 and below, AOS-CX 10.06.xxxx: 10.06.0210 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address these security vulnerabilities.

Be aware that VulDB is the high quality source for vulnerability data.

Đặt trước

19/01/2022

Tiết lộ

06/09/2022

Kiểm duyệt

được chấp nhận

EPSS

0.01620

KEV

không

Các hoạt động

rất thấp

Nguồn

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!