Multiple vulnerabilities in ArubaOS and Aruba SD-WAN

1) OS Command Injection

EUVDB-ID: #VU72656

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22764

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Stored cross-site scripting

EUVDB-ID: #VU72674

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22778

CWE-ID: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Exploit availability: No

The disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper access control

EUVDB-ID: #VU72673

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22777

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

The vulnerability allows a remote user to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions in the web-based management interface. A remote user can bypass implemented security restrictions and read arbitrary files on the system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Path traversal

EUVDB-ID: #VU72672

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22776

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a local user to read arbitrary files on the device.

The vulnerability exists due to input validation error when processing directory traversal sequences in the CLI. A local user can pass specially crafted arguments to the CLI commands and read arbitrary files on the system.

Install update from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Improper access control

EUVDB-ID: #VU72671

Risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22775

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

The vulnerability allows a local user to gain unauthorized access to sensitive information.

The vulnerability exists due to improper access restrictions in the CLI. A local user can bypass implemented security restrictions and gain unauthorized access to sensitive information.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Path traversal

EUVDB-ID: #VU72669

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22774

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a local user to delete arbitrary files on the device.

The vulnerability exists due to input validation error when processing directory traversal sequences in the CLI. A local user can pass specially crafted arguments to the CLI commands and delete arbitrary files on the system.

Install update from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Path traversal

EUVDB-ID: #VU72668

Risk: Low

CVSSv4.0: 1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22773

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a local user to delete arbitrary files on the device.

The vulnerability exists due to input validation error when processing directory traversal sequences in the CLI. A local user can pass specially crafted arguments to the CLI commands and delete arbitrary files on the system.

Install update from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Path traversal

EUVDB-ID: #VU72667

Risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22772

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

The vulnerability allows a remote user to delete arbitrary files on the device.

The vulnerability exists due to input validation error when processing directory traversal sequences in the web-based interface. A remote user can send a specially crafted HTTP request and delete arbitrary files on the system.

Install update from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Insufficient Session Expiration

EUVDB-ID: #VU72666

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22771

CWE-ID: CWE-613 - Insufficient Session Expiration

Exploit availability: No

The vulnerability allows a local user to gain unauthorized access to system.

The vulnerability exists due to insufficient session expiration issue in the command line interface. A local user can keep an active session on the affected device even after their account has been removed.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) OS Command Injection

EUVDB-ID: #VU72662

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22770

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) OS Command Injection

EUVDB-ID: #VU72661

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22769

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) OS Command Injection

EUVDB-ID: #VU72660

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22768

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) OS Command Injection

EUVDB-ID: #VU72659

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22767

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) OS Command Injection

EUVDB-ID: #VU72658

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22766

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) OS Command Injection

EUVDB-ID: #VU72657

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22765

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) OS Command Injection

EUVDB-ID: #VU72655

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22763

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) OS Command Injection

EUVDB-ID: #VU72638

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22747

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Buffer overflow

EUVDB-ID: #VU72645

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22754

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) OS Command Injection

EUVDB-ID: #VU72639

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22748

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) OS Command Injection

EUVDB-ID: #VU72640

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22749

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) OS Command Injection

EUVDB-ID: #VU72641

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22750

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Stack-based buffer overflow

EUVDB-ID: #VU72642

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22751

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to the port 8211/UDP, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Stack-based buffer overflow

EUVDB-ID: #VU72643

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22752

CWE-ID: CWE-121 - Stack-based buffer overflow

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to the port 8211/UDP, trigger a stack-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Buffer overflow

EUVDB-ID: #VU72644

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22753

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Buffer overflow

EUVDB-ID: #VU72646

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22755

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) OS Command Injection

EUVDB-ID: #VU72654

Risk: Low

CVSSv4.0: 5.8 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22762

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) Buffer overflow

EUVDB-ID: #VU72647

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22756

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Buffer overflow

EUVDB-ID: #VU72648

Risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2023-22757

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) OS Command Injection

EUVDB-ID: #VU72650

Risk: Low

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22758

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) OS Command Injection

EUVDB-ID: #VU72651

Risk: Low

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22759

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) OS Command Injection

EUVDB-ID: #VU72652

Risk: Low

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22760

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) OS Command Injection

EUVDB-ID: #VU72653

Risk: Low

CVSSv4.0: 6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-22761

CWE-ID: CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Exploit availability: No

The vulnerability allows a remote user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.

Install updates from vendor's website.

ArubaOS: 8.6.0.0 - 10.3.1.0

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Out-of-bounds read

EUVDB-ID: #VU56064

Risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2021-3712

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition when processing ASN.1 strings related to a confusion with NULL termination of strings in array. A remote attacker can pass specially crafted data to the application to trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.

Install updates from vendor's website.

SD-WAN: 8.7.0.0-2.3.0.0 - 8.7.0.0-2.3.0.8

ArubaOS: 8.6.0.0 - 10.3.1.0

• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.0:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.1:*:*:*:*:*:*:*
• cpe:2.3:h:aruba_networks:sd-wan:8.7.0.0-2.3.0.2:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.0:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.1:*:*:*:*:*:*:*
• cpe:2.3:o:aruba_networks:arubaos:8.6.0.2:*:*:*:*:*:*:*

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.