PT-2023-2054 · Aruba · Arubaos
Nikita Abramov
·
Published
2023-02-28
·
Updated
2025-03-07
·
CVE-2023-22772
CVSS v2.0
8.5
High
| Vector | AV:N/AC:L/Au:S/C:N/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
ArubaOS (affected versions not specified)
Description
The issue is related to an authenticated path traversal vulnerability in the ArubaOS web-based management interface. This vulnerability allows for the deletion of arbitrary files in the underlying operating system. The vulnerability is associated with incorrect restriction of directory path names with limited access.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Arubaos