CVE-2023-22757

There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:45

Type Values Removed Values Added
References () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt - Vendor Advisory () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt - Vendor Advisory
CVSS v2 : unknown
v3 : 9.8
v2 : unknown
v3 : 8.1

07 Nov 2023, 04:07

Type Values Removed Values Added
Summary There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.

Information

Published : 2023-03-01 08:15

Updated : 2024-11-21 07:45


NVD link : CVE-2023-22757

Mitre link : CVE-2023-22757

CVE.ORG link : CVE-2023-22757


JSON object : View

Products Affected

arubanetworks

  • sd-wan
  • arubaos
CWE
CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')