An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system, leading to a complete compromise of the switch running AOS-CX.
2023-03-22T06:15:09.390
2025-02-26T17:15:14.790
Modified
CVSSv3.1: 7.2 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | hpe | arubaos-cx | < 10.06.0240 | Yes |
| Operating System | hpe | arubaos-cx | ≤ 10.08.1070 | Yes |
| Operating System | hpe | arubaos-cx | ≤ 10.09.1020 | Yes |
| Operating System | hpe | arubaos-cx | < 10.10.1030 | Yes |
| Hardware | hpe | aruba_cx_10000-48y6 | - | No |
| Hardware | hpe | aruba_cx_6200f_48g | - | No |
| Hardware | hpe | aruba_cx_6200m_24g | - | No |
| Hardware | hpe | aruba_cx_6300m_24p | - | No |
| Hardware | hpe | aruba_cx_6300m_48g | - | No |
| Hardware | hpe | aruba_cx_6405 | - | No |
| Hardware | hpe | aruba_cx_6410 | - | No |
| Hardware | hpe | aruba_cx_8320-32 | - | No |
| Hardware | hpe | aruba_cx_8320-48p | - | No |
| Hardware | hpe | aruba_cx_8325-32c | - | No |
| Hardware | hpe | aruba_cx_8325-48y8c | - | No |
| Hardware | hpe | aruba_cx_8360-12c | - | No |
| Hardware | hpe | aruba_cx_8360-16y2c | - | No |
| Hardware | hpe | aruba_cx_8360-24xf2c | - | No |
| Hardware | hpe | aruba_cx_8360-32y4c | - | No |
| Hardware | hpe | aruba_cx_8360-48xt4c | - | No |
| Hardware | hpe | aruba_cx_8360-48y6c | - | No |
| Hardware | hpe | aruba_cx_8400 | - | No |
| Hardware | hpe | aruba_cx_9300_32d | - | No |