Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line interface of ArubaOS. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition.
References
Link | Resource |
---|---|
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:49
Type | Values Removed | Values Added |
---|---|---|
Summary | Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line interface of ArubaOS. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition. |
13 Dec 2022, 19:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-611 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Arubanetworks
Arubanetworks sd-wan Arubanetworks arubaos |
|
References | (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-016.txt - Vendor Advisory | |
CPE | cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:* cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* |
12 Dec 2022, 13:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-12 13:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-37911
Mitre link : CVE-2022-37911
CVE.ORG link : CVE-2022-37911
JSON object : View
Products Affected
arubanetworks
- arubaos
- sd-wan
CWE
CWE-611
Improper Restriction of XML External Entity Reference