PT-2022-26649 · Array Networks · Array Ag Os
Published
2022-10-12
·
Updated
2025-05-15
·
CVE-2022-42897
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Array Networks AG/vxAG with ArrayOS AG versions prior to 9.4.0.469
Description
The issue allows unauthenticated command injection, leading to privilege escalation and control of the system.
Recommendations
For versions prior to 9.4.0.469, update to version 9.4.0.469 or later to resolve the issue.
Fix
LPE
Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Array Ag Os