CVE-2023-35977

Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
OR cpe:2.3:a:arubanetworks:mc-va-10:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-1k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-250:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-50:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-10k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-1k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-50:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-500:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-5k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:sd-wan:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:mcr-hw-10k:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:mcr-hw-1k:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:mcr-hw-5k:-:*:*:*:*:*:*:*

History

11 Jul 2023, 19:28

Type Values Removed Values Added
First Time Arubanetworks sd-wan
Arubanetworks mcr-va-50
Arubanetworks mc-va-250
Arubanetworks mcr-hw-5k
Arubanetworks mcr-va-500
Arubanetworks mc-va-1k
Arubanetworks mcr-hw-1k
Arubanetworks mcr-hw-10k
Arubanetworks mcr-va-1k
Arubanetworks mcr-va-10k
Arubanetworks mc-va-10
Arubanetworks mc-va-50
Arubanetworks
Arubanetworks arubaos
Arubanetworks mcr-va-5k
CPE cpe:2.3:a:arubanetworks:mcr-va-5k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-1k:-:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-50:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:mcr-hw-1k:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:mcr-hw-5k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-500:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-250:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-10:-:*:*:*:*:*:*:*
cpe:2.3:h:arubanetworks:mcr-hw-10k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mc-va-50:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-10k:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:sd-wan:-:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:mcr-va-1k:-:*:*:*:*:*:*:*
References (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt - (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.5
CWE NVD-CWE-noinfo

05 Jul 2023, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-07-05 15:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-35977

Mitre link : CVE-2023-35977

CVE.ORG link : CVE-2023-35977


JSON object : View

Products Affected

arubanetworks

  • mcr-va-50
  • mc-va-250
  • mcr-hw-10k
  • mcr-hw-5k
  • mcr-va-1k
  • mc-va-1k
  • mcr-va-10k
  • arubaos
  • mcr-va-5k
  • mc-va-10
  • sd-wan
  • mcr-hw-1k
  • mcr-va-500
  • mc-va-50