CVE-2023-22773 – Authenticated Path Traversal in ArubaOS Command Line Interface Allows for Arbitrary File Deletion.
https://notcve.org/view.php?id=CVE-2023-22773
Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-22772 – Authenticated Path Traversal in ArubaOS Web-based Management Interface Allows for Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2023-22772
An authenticated path traversal vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-22771 – Insufficient Session Expiration in ArubaOS Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22771
An insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt • CWE-613: Insufficient Session Expiration •
CVE-2023-22770 – Authenticated Remote Command Execution in the ArubaOS Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22770
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2023-22769 – Authenticated Remote Command Execution in the ArubaOS Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22769
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •