PT-2023-22741 · Aruba · Aruba Edgeconnect Enterprise

Published

2023-05-16

Updated

2023-07-07

CVE-2023-30510

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Aruba EdgeConnect Enterprise (affected versions not specified)

Description A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this issue is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-30510

Affected Products

Aruba Edgeconnect Enterprise

PT-2023-22741 · Aruba · Aruba Edgeconnect Enterprise

CVE-2023-30510

Related Identifiers

Affected Products

References · 7