Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-35977


Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.


Published

2023-07-05T15:15:09.720

Last Modified

2024-11-21T08:09:05.807

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

Weaknesses
  • Type: Primary
    NVD-CWE-noinfo

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System arubanetworks arubaos < 8.6.0.21 Yes
Operating System arubanetworks arubaos < 8.10.0.7 Yes
Operating System arubanetworks arubaos < 8.11.1.1 Yes
Operating System arubanetworks arubaos < 10.4.0.2 Yes
Application arubanetworks mc-va-10 - No
Application arubanetworks mc-va-1k - No
Application arubanetworks mc-va-250 - No
Application arubanetworks mc-va-50 - No
Application arubanetworks mcr-va-10k - No
Application arubanetworks mcr-va-1k - No
Application arubanetworks mcr-va-50 - No
Application arubanetworks mcr-va-500 - No
Application arubanetworks mcr-va-5k - No
Application arubanetworks sd-wan - No
Hardware arubanetworks mcr-hw-10k - No
Hardware arubanetworks mcr-hw-1k - No
Hardware arubanetworks mcr-hw-5k - No

References