Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-23690

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. This allows an attacker to retrieve information which could be used to more precisely target the switch for further exploitation in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.

Published

2022-09-06T18:15:11.350

Last Modified

2024-11-21T06:49:06.600

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.3 (MEDIUM)

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_10000 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_8325 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_8320 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_9300 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_8360 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_6400 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_6300 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_6200f - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_6100 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_6000 - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_4100i - No
Operating System arubanetworks aos-cx < 10.06.0200 Yes
Operating System arubanetworks aos-cx < 10.08.1060 Yes
Operating System arubanetworks aos-cx < 10.09.1020 Yes
Operating System arubanetworks aos-cx < 10.10.0002 Yes
Hardware arubanetworks cx_8400 - No
References