CVE-2023-22774Path Traversal in Arubaos

CWE-22Path Traversal3 documents3 sources
Severity
6.5MEDIUMNVD
CNA7.2
EPSS
1.1%
top 22.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Arubanetworks ArubaosArubanetworks Sd-wan
Timeline
PublishedMar 1

Description

Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HExploitability: 1.2 | Impact: 5.2

Affected Packages2 packages

NVDarubanetworks/arubaos8.6.0.08.6.0.19+2
NVDarubanetworks/sd-wan8.7.0.0-2.3.0.08.7.0.0-2.3.0.8

🔴Vulnerability Details

2
GHSA
GHSA-4c8m-878j-r5j4: Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface2023-03-01
CVEList
Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.2023-02-28
CVE-2023-22774 — Path Traversal in Arubaos | cvebase