Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.
References
Link | Resource |
---|---|
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt | Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
07 Nov 2023, 04:07
Type | Values Removed | Values Added |
---|---|---|
Summary | Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. |
04 Mar 2023, 03:09
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt - Vendor Advisory | |
First Time |
Arubanetworks mc-va-10
Arubanetworks mcr-hw-10k Arubanetworks mcr-hw-1k Arubanetworks 7205 Arubanetworks 7240xm Arubanetworks 7010 Arubanetworks 9012 Arubanetworks Arubanetworks sd-wan Arubanetworks 9004 Arubanetworks mcr-va-10k Arubanetworks 7210 Arubanetworks mc-va-1k Arubanetworks mc-va-50 Arubanetworks mcr-va-1k Arubanetworks 7220 Arubanetworks mc-va-250 Arubanetworks arubaos Arubanetworks 7280 Arubanetworks 7030 Arubanetworks mcr-hw-5k Arubanetworks mcr-va-50 Arubanetworks 9004-lte Arubanetworks mcr-va-5k Arubanetworks mcr-va-500 |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CPE | cpe:2.3:h:arubanetworks:mcr-va-50:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-va-5k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:9004:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mc-va-1k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-hw-1k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:9004-lte:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mc-va-50:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-va-10k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-hw-5k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mc-va-10:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-va-500:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:9012:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-va-1k:-:*:*:*:*:*:*:* cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mcr-hw-10k:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:mc-va-250:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:* cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:* cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:* |
|
CWE | CWE-22 |
01 Mar 2023, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-01 08:15
Updated : 2023-12-10 14:48
NVD link : CVE-2023-22773
Mitre link : CVE-2023-22773
CVE.ORG link : CVE-2023-22773
JSON object : View
Products Affected
arubanetworks
- mcr-va-5k
- 7030
- 7205
- arubaos
- 9004
- sd-wan
- 7240xm
- 7280
- mc-va-50
- mcr-va-10k
- 7210
- 7010
- mcr-va-500
- mc-va-10
- 9012
- mc-va-1k
- mcr-hw-10k
- mc-va-250
- mcr-va-50
- mcr-hw-1k
- mcr-hw-5k
- 7220
- mcr-va-1k
- 9004-lte
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')