CVE-2023-38401

Published: Aug 15, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.

Affected (1)

Products: Hp: Aruba Virtual Intranet Access

1 product

Aruba Virtual Intranet Access

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Hp Aruba Virtual Intranet Access	Before 4.5.0

Running on/with	Platform Versions
Microsoft Windows	All versions

References (2)

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt

Source: security-alert@hpe.com

Vendor Advisory

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.