Vulnerability Description
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arubanetworks | Arubaos | >= 8.6.0.0, <= 8.6.0.19 |
| Arubanetworks | 7010 | - |
| Arubanetworks | 7030 | - |
| Arubanetworks | 7205 | - |
| Arubanetworks | 7210 | - |
| Arubanetworks | 7220 | - |
| Arubanetworks | 7240Xm | - |
| Arubanetworks | 7280 | - |
| Arubanetworks | 9004 | - |
| Arubanetworks | 9004-Lte | - |
| Arubanetworks | 9012 | - |
| Arubanetworks | Mc-Va-10 | - |
| Arubanetworks | Mc-Va-1K | - |
| Arubanetworks | Mc-Va-250 | - |
| Arubanetworks | Mc-Va-50 | - |
| Arubanetworks | Mcr-Hw-10K | - |
| Arubanetworks | Mcr-Hw-1K | - |
| Arubanetworks | Mcr-Hw-5K | - |
| Arubanetworks | Mcr-Va-10K | - |
| Arubanetworks | Mcr-Va-1K | - |
Related Weaknesses (CWE)
References
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txtVendor Advisory
- https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txtVendor Advisory
FAQ
What is CVE-2023-22776?
CVE-2023-22776 is a vulnerability with a CVSS score of 4.9 (MEDIUM). An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlyi...
How severe is CVE-2023-22776?
CVE-2023-22776 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-22776?
Check the references section above for vendor advisories and patch information. Affected products include: Arubanetworks Arubaos, Arubanetworks 7010, Arubanetworks 7030, Arubanetworks 7205, Arubanetworks 7210.