CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38402 – Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client
https://notcve.org/view.php?id=CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38401 – Local Privilege Escalation in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client
https://notcve.org/view.php?id=CVE-2023-38401
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-23678
https://notcve.org/view.php?id=CVE-2022-23678
A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system versions: 4.3.0 build 2208101 and below. Aruba has released upgrades for Virtual Intranet Access (VIA) Client that address this security vulnerability. Una vulnerabilidad en las comunicaciones del cliente Aruba Virtual Intranet Access (VIA) para el sistema operativo Microsoft Windows que podría permitir a un atacante en una posición de red privilegiada interceptar información confidencial en las versiones del cliente Aruba Virtual Intranet Access (VIA) para el sistema operativo Microsoft Windows: versiones 4.3.0 build 2208101 y posteriores. Aruba ha publicado actualizaciones para el cliente Virtual Intranet Access (VIA) que abordan esta vulnerabilidad de seguridad. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-011.txt •