CVE-2023-22775

MEDIUM

Arubanetworks Sd-wan < 8.7.0.0-2.3.0.8 - Exposure to Wrong Actor

Title source: rule

Description

A vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.

References (1)

[Vendor Advisory] https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-002.txt

Scores

CVSS v3 6.5

EPSS 0.0040

EPSS Percentile 60.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE

CWE-668

Status published

Affected Products (2)

arubanetworks/sd-wan < 8.7.0.0-2.3.0.8

arubanetworks/arubaos < 8.6.0.19

Timeline

Published Mar 01, 2023

Tracked Since Feb 18, 2026