Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
2023-03-01T08:15:13.637
2025-03-11T14:15:18.077
Modified
CVSSv3.1: 7.2 (HIGH)
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Operating System | arubanetworks | arubaos | ≤ 8.6.0.19 | Yes |
Operating System | arubanetworks | arubaos | ≤ 8.10.0.4 | Yes |
Operating System | arubanetworks | arubaos | ≤ 10.3.1.0 | Yes |
Hardware | arubanetworks | 7010 | - | No |
Hardware | arubanetworks | 7030 | - | No |
Hardware | arubanetworks | 7205 | - | No |
Hardware | arubanetworks | 7210 | - | No |
Hardware | arubanetworks | 7220 | - | No |
Hardware | arubanetworks | 7240xm | - | No |
Hardware | arubanetworks | 7280 | - | No |
Hardware | arubanetworks | 9004 | - | No |
Hardware | arubanetworks | 9004-lte | - | No |
Hardware | arubanetworks | 9012 | - | No |
Hardware | arubanetworks | mc-va-10 | - | No |
Hardware | arubanetworks | mc-va-1k | - | No |
Hardware | arubanetworks | mc-va-250 | - | No |
Hardware | arubanetworks | mc-va-50 | - | No |
Hardware | arubanetworks | mcr-hw-10k | - | No |
Hardware | arubanetworks | mcr-hw-1k | - | No |
Hardware | arubanetworks | mcr-hw-5k | - | No |
Hardware | arubanetworks | mcr-va-10k | - | No |
Hardware | arubanetworks | mcr-va-1k | - | No |
Hardware | arubanetworks | mcr-va-50 | - | No |
Hardware | arubanetworks | mcr-va-500 | - | No |
Hardware | arubanetworks | mcr-va-5k | - | No |
Application | arubanetworks | sd-wan | ≤ 8.7.0.0-2.3.0.8 | Yes |