PT-2023-22741 · Aruba · Aruba Edgeconnect Enterprise

Publicado

2023-05-16

Atualizado

2023-07-07

CVE-2023-30510

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Aruba EdgeConnect Enterprise (affected versions not specified)

Description A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this issue is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2023-30510

Produtos afetados

Aruba Edgeconnect Enterprise

PT-2023-22741 · Aruba · Aruba Edgeconnect Enterprise

CVE-2023-30510

Identificadores relacionados

Produtos afetados

Referências · 7