CVE-2023-38401

EPSS 0.1%
Published 15.08.2023 19:15:10
Last modified 21.11.2024 08:13:29
Source security-alert@hpe.com
Teams watchlist Login
Open Login

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.

Affected products Warnungen 0 Metrics 3 CWE 0 References 4

Data is provided by the National Vulnerability Database (NVD)

Hp ≫ Aruba Virtual Intranet Access Version < 4.5.0

Microsoft ≫ Windows Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.1%	0.295

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
security-alert@hpe.com	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-38401

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-38401

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-38401

EUVD