Vulnerability Description
Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arubanetworks | Arubaos | >= 8.6.0.0, <= 8.6.0.19 |
| Arubanetworks | 7010 | - |
| Arubanetworks | 7030 | - |
| Arubanetworks | 7205 | - |
| Arubanetworks | 7210 | - |
| Arubanetworks | 7220 | - |
| Arubanetworks | 7240Xm | - |
| Arubanetworks | 7280 | - |
| Arubanetworks | 9004 | - |
| Arubanetworks | 9004-Lte | - |
| Arubanetworks | 9012 | - |
| Arubanetworks | Mc-Va-10 | - |
| Arubanetworks | Mc-Va-1K | - |
| Arubanetworks | Mc-Va-250 | - |
| Arubanetworks | Mc-Va-50 | - |
| Arubanetworks | Mcr-Hw-10K | - |
| Arubanetworks | Mcr-Hw-1K | - |
| Arubanetworks | Mcr-Hw-5K | - |
| Arubanetworks | Mcr-Va-10K | - |
| Arubanetworks | Mcr-Va-1K | - |
Related Weaknesses (CWE)
References
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txtVendor Advisory
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txtVendor Advisory
FAQ
What is CVE-2023-22774?
CVE-2023-22774 is a vulnerability with a CVSS score of 7.2 (HIGH). Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underl...
How severe is CVE-2023-22774?
CVE-2023-22774 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-22774?
Check the references section above for vendor advisories and patch information. Affected products include: Arubanetworks Arubaos, Arubanetworks 7010, Arubanetworks 7030, Arubanetworks 7205, Arubanetworks 7210.