SB2023030113 - Multiple vulnerabilities in ArubaOS and Aruba SD-WAN
Published: March 1, 2023
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 33 secuirty vulnerabilities.
1) OS Command Injection (CVE-ID: CVE-2023-22764)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
2) Stored cross-site scripting (CVE-ID: CVE-2023-22778)
The disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
3) Improper access control (CVE-ID: CVE-2023-22777)
The vulnerability allows a remote user to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions in the web-based management interface. A remote user can bypass implemented security restrictions and read arbitrary files on the system.
4) Path traversal (CVE-ID: CVE-2023-22776)
The vulnerability allows a local user to read arbitrary files on the device.
The vulnerability exists due to input validation error when processing directory traversal sequences in the CLI. A local user can pass specially crafted arguments to the CLI commands and read arbitrary files on the system.
5) Improper access control (CVE-ID: CVE-2023-22775)
The vulnerability allows a local user to gain unauthorized access to sensitive information.
The vulnerability exists due to improper access restrictions in the CLI. A local user can bypass implemented security restrictions and gain unauthorized access to sensitive information.
6) Path traversal (CVE-ID: CVE-2023-22774)
The vulnerability allows a local user to delete arbitrary files on the device.
The vulnerability exists due to input validation error when processing directory traversal sequences in the CLI. A local user can pass specially crafted arguments to the CLI commands and delete arbitrary files on the system.
7) Path traversal (CVE-ID: CVE-2023-22773)
The vulnerability allows a local user to delete arbitrary files on the device.
The vulnerability exists due to input validation error when processing directory traversal sequences in the CLI. A local user can pass specially crafted arguments to the CLI commands and delete arbitrary files on the system.
8) Path traversal (CVE-ID: CVE-2023-22772)
The vulnerability allows a remote user to delete arbitrary files on the device.
The vulnerability exists due to input validation error when processing directory traversal sequences in the web-based interface. A remote user can send a specially crafted HTTP request and delete arbitrary files on the system.
9) Insufficient Session Expiration (CVE-ID: CVE-2023-22771)
The vulnerability allows a local user to gain unauthorized access to system.
The vulnerability exists due to insufficient session expiration issue in the command line interface. A local user can keep an active session on the affected device even after their account has been removed.
10) OS Command Injection (CVE-ID: CVE-2023-22770)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
11) OS Command Injection (CVE-ID: CVE-2023-22769)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
12) OS Command Injection (CVE-ID: CVE-2023-22768)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
13) OS Command Injection (CVE-ID: CVE-2023-22767)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
14) OS Command Injection (CVE-ID: CVE-2023-22766)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
15) OS Command Injection (CVE-ID: CVE-2023-22765)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
16) OS Command Injection (CVE-ID: CVE-2023-22763)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
17) OS Command Injection (CVE-ID: CVE-2023-22747)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
18) Buffer overflow (CVE-ID: CVE-2023-22754)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
19) OS Command Injection (CVE-ID: CVE-2023-22748)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
20) OS Command Injection (CVE-ID: CVE-2023-22749)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
21) OS Command Injection (CVE-ID: CVE-2023-22750)
The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to port 8211/UDP and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
22) Stack-based buffer overflow (CVE-ID: CVE-2023-22751)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to the port 8211/UDP, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
23) Stack-based buffer overflow (CVE-ID: CVE-2023-22752)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote unauthenticated attacker can send specially crafted packets to the port 8211/UDP, trigger a stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
24) Buffer overflow (CVE-ID: CVE-2023-22753)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
25) Buffer overflow (CVE-ID: CVE-2023-22755)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
26) OS Command Injection (CVE-ID: CVE-2023-22762)
The vulnerability allows a local user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the CLI. A local user can pass specially crafted arguments via the CLI and execute arbitrary OS commands on the target system.
27) Buffer overflow (CVE-ID: CVE-2023-22756)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
28) Buffer overflow (CVE-ID: CVE-2023-22757)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in the PAPI Protocol. A remote attacker can send specially crafted packets to port 8211/UDP, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
29) OS Command Injection (CVE-ID: CVE-2023-22758)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
30) OS Command Injection (CVE-ID: CVE-2023-22759)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
31) OS Command Injection (CVE-ID: CVE-2023-22760)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
32) OS Command Injection (CVE-ID: CVE-2023-22761)
The vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to improper input validation in the web-based management interface. A remote authenticated user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
33) Out-of-bounds read (CVE-ID: CVE-2021-3712)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when processing ASN.1 strings related to a confusion with NULL termination of strings in array. A remote attacker can pass specially crafted data to the application to trigger an out-of-bounds read error and read contents of memory on the system or perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.