7.2
CVE-2023-35974
- EPSS 0.41%
- Published 05.07.2023 15:15:09
- Last modified 21.11.2024 08:09:05
- Source security-alert@hpe.com
- Teams watchlist Login
- Open Login
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
Data is provided by the National Vulnerability Database (NVD)
Arubanetworks ≫ Arubaos Version >= 6.5.4.0 < 8.6.0.21
Arubanetworks ≫ Mc-va-10 Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Arubaos Version >= 8.7.0.0 < 8.10.0.7
Arubanetworks ≫ Mc-va-10 Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Arubaos Version >= 8.11.0.0 < 8.11.1.1
Arubanetworks ≫ Mc-va-10 Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Arubaos Version >= 10.4.0.0 < 10.4.0.2
Arubanetworks ≫ Mc-va-10 Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Arubanetworks ≫ Mc-va-1k Version-
Arubanetworks ≫ Mc-va-250 Version-
Arubanetworks ≫ Mc-va-50 Version-
Arubanetworks ≫ Mcr-va-10k Version-
Arubanetworks ≫ Mcr-va-1k Version-
Arubanetworks ≫ Mcr-va-50 Version-
Arubanetworks ≫ Mcr-va-500 Version-
Arubanetworks ≫ Mcr-va-5k Version-
Arubanetworks ≫ Sd-wan Version-
Arubanetworks ≫ Mcr-hw-10k Version-
Arubanetworks ≫ Mcr-hw-1k Version-
Arubanetworks ≫ Mcr-hw-5k Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.599 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| security-alert@hpe.com | 7.2 | 1.2 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.