CVE-2023-30510 – Authenticated Server-side Request Forgery in Aruba EdgeConnect Enterprise Web Management Interface
https://notcve.org/view.php?id=CVE-2023-30510
A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt •
CVE-2023-30509 – Authenticated Remote Path Traversal in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30509
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-30508 – Authenticated Remote Path Traversal in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30508
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-30507 – Authenticated Remote Path Traversal in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30507
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-30506 – Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30506
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt •