Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-37920

Опубликовано: 12 дек. 2022
Источник: nvd
CVSS3: 7.2
EPSS Низкий

Описание

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
Версия от 8.3.1.0 (включая) до 8.3.7.1 (включая)
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
Версия от 9.0.0.0 (включая) до 9.0.7.0 (включая)
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
Версия от 9.1.0.0 (включая) до 9.1.3.0 (включая)
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
Версия от 9.2.0.0 (включая) до 9.2.1.0 (включая)

EPSS

Процентиль: 66%
0.00522
Низкий

7.2 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

github логотип

GHSA-x7xw-rp68-gjmq

CVSS3: 7.2
github
около 3 лет назад

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

EPSS

Процентиль: 66%
0.00522
Низкий

7.2 High

CVSS3

Дефекты

NVD-CWE-noinfo