CVE-2022-23684
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an attacker to escalate privileges beyond their authorized level in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.
Una vulnerabilidad en la interfaz de administración basada en web de AOS-CX podría permitir a un usuario remoto autenticado privilegiado de sólo lectura escalar sus permisos a los de un usuario administrativo. Una explotación con éxito de esta vulnerabilidad permite a un atacante escalar los privilegios más allá de su nivel autorizado en los Switches ArubaOS-CX versión(es): AOS-CX 10.09.xxxx: 10.09.1020 y anteriores, AOS-CX 10.08.xxxx: 10.08.1060 y anteriores, AOS-CX 10.06.xxxx: 10.06.0200 y anteriores. Aruba ha publicado actualizaciones para los dispositivos ArubaOS-CX Switches que abordan esta vulnerabilidad de seguridad.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-01-19 CVE Reserved
- 2022-09-06 CVE Published
- 2024-08-03 CVE Updated
- 2024-08-21 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-012.txt | 2022-09-12 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 10000 Search vendor "Arubanetworks" for product "Cx 10000" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 10000 Search vendor "Arubanetworks" for product "Cx 10000" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 10000 Search vendor "Arubanetworks" for product "Cx 10000" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8325 Search vendor "Arubanetworks" for product "Cx 8325" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8325 Search vendor "Arubanetworks" for product "Cx 8325" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8325 Search vendor "Arubanetworks" for product "Cx 8325" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8320 Search vendor "Arubanetworks" for product "Cx 8320" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8320 Search vendor "Arubanetworks" for product "Cx 8320" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8320 Search vendor "Arubanetworks" for product "Cx 8320" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 9300 Search vendor "Arubanetworks" for product "Cx 9300" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 9300 Search vendor "Arubanetworks" for product "Cx 9300" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 9300 Search vendor "Arubanetworks" for product "Cx 9300" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8360 Search vendor "Arubanetworks" for product "Cx 8360" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8360 Search vendor "Arubanetworks" for product "Cx 8360" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8360 Search vendor "Arubanetworks" for product "Cx 8360" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6400 Search vendor "Arubanetworks" for product "Cx 6400" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6400 Search vendor "Arubanetworks" for product "Cx 6400" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6400 Search vendor "Arubanetworks" for product "Cx 6400" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6300 Search vendor "Arubanetworks" for product "Cx 6300" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6300 Search vendor "Arubanetworks" for product "Cx 6300" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6300 Search vendor "Arubanetworks" for product "Cx 6300" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6200f Search vendor "Arubanetworks" for product "Cx 6200f" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6200f Search vendor "Arubanetworks" for product "Cx 6200f" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6200f Search vendor "Arubanetworks" for product "Cx 6200f" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6100 Search vendor "Arubanetworks" for product "Cx 6100" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6100 Search vendor "Arubanetworks" for product "Cx 6100" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6100 Search vendor "Arubanetworks" for product "Cx 6100" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6000 Search vendor "Arubanetworks" for product "Cx 6000" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6000 Search vendor "Arubanetworks" for product "Cx 6000" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 6000 Search vendor "Arubanetworks" for product "Cx 6000" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 4100i Search vendor "Arubanetworks" for product "Cx 4100i" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 4100i Search vendor "Arubanetworks" for product "Cx 4100i" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 4100i Search vendor "Arubanetworks" for product "Cx 4100i" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.06.0000 < 10.06.0210 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.06.0000 < 10.06.0210" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8400 Search vendor "Arubanetworks" for product "Cx 8400" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.08.0000 < 10.08.1070 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.08.0000 < 10.08.1070" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8400 Search vendor "Arubanetworks" for product "Cx 8400" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aos-cx Search vendor "Arubanetworks" for product "Aos-cx" | >= 10.09.0000 < 10.09.1030 Search vendor "Arubanetworks" for product "Aos-cx" and version " >= 10.09.0000 < 10.09.1030" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Cx 8400 Search vendor "Arubanetworks" for product "Cx 8400" | - | - |
Safe
|