CVE-2022-37901
CVE-2022-37901
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.2EPSS 1.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
03 nov 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Hewlett Packard Enterprise · Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →