CVE-2023-30504

Published: May 16, 2023Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Affected (3)

Products: Arubanetworks: Edgeconnect Enterprise

Arubanetworks

1 product

Edgeconnect Enterprise

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Arubanetworks Edgeconnect Enterprise	Up to 9.0.8.0
Arubanetworks Edgeconnect Enterprise	From 9.1.0.0 to 9.1.5.0
Arubanetworks Edgeconnect Enterprise	From 9.2.0.0 to 9.2.3.0

References (2)

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt

Source: security-alert@hpe.com

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.