Описание
Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
Уязвимые конфигурации
Конфигурация 1Версия от 8.6.0.0 (включая) до 8.10.0.21 (исключая)Версия от 8.11.0.0 (включая) до 8.13.1.1 (исключая)
Одно из
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
EPSS
Процентиль: 29%
0.00103
Низкий
7.2 High
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 7.2
github
25 дней назад
Authenticated command injection vulnerabilities exist in the web-based management interface of mobility conductors running AOS-8 operating system. Successful exploitation could allow an authenticated malicious actor to execute arbitrary commands as a privileged user on the underlying operating system.
EPSS
Процентиль: 29%
0.00103
Низкий
7.2 High
CVSS3
Дефекты
CWE-78