Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface
CVE-2023-30506
8.8HIGH
What is CVE-2023-30506?
A command injection vulnerability exists in the command line interface of Aruba EdgeConnect Enterprise. This flaw enables remote authenticated users to execute arbitrary commands on the underlying operating system, leading to potential full system compromise. The vulnerability can be exploited by leveraging the command execution capabilities within the system, posing a significant risk to all operational environments utilizing the affected product.
Affected Version(s)
Aruba EdgeConnect Enterprise Software ECOS 9.2.x.x <= 9.2.3.0
Aruba EdgeConnect Enterprise Software ECOS 9.2.x.x <= 9.2.3.0
Aruba EdgeConnect Enterprise Software ECOS 9.1.x.x <= 9.1.5.0