Vulnerability Description
MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.
CVSS Score
9.8
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Arraynetworks | Arrayos Ag | < 9.4.0.505 |
| Arraynetworks | Ag | - |
| Arraynetworks | Vxag | - |
Related Weaknesses (CWE)
References
- https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/dVendor Advisory
- https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/dVendor Advisory
FAQ
What is CVE-2023-51707?
CVE-2023-51707 is a vulnerability with a CVSS score of 9.8 (CRITICAL). MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via crafted packets. AG and vxAG 9.3.0.259.x are unaffected.
How severe is CVE-2023-51707?
CVE-2023-51707 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-51707?
Check the references section above for vendor advisories and patch information. Affected products include: Arraynetworks Arrayos Ag, Arraynetworks Ag, Arraynetworks Vxag.