Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
CVE-2023-22789

8.8HIGH

Key Information:

Vendor: HP (HP)
Status: Aruba Access Points Running Instantos And Arubaos 10
Vendor: CVE Published:; 8 May 2023

What is CVE-2023-22789?

Multiple authenticated command injection vulnerabilities exist in the command line interface of Aruba InstantOS and ArubaOS 10. By exploiting these vulnerabilities, an attacker could execute arbitrary commands as a privileged user, potentially compromising the security of the underlying operating system. Proper security measures must be implemented to mitigate the risk associated with these vulnerabilities.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Aruba Access Points running InstantOS and ArubaOS 10 Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below

Aruba Access Points running InstantOS and ArubaOS 10 Aruba InstantOS 6.5.x: 6.5.4.23 and below

References

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 8, 2023
Vulnerability Reserved
Jan 6, 2023

Credit

Daniel Jensen (@dozernz)

JSON

HP (HP)

What is CVE-2023-22789?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.