CVE-2022-23691

Published Sep 6, 2022

Last updated a year ago

CVSS medium 6.8

Overview

Description: A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an attacker to bypass system authentication and achieve total switch compromise in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1030 and below, AOS-CX 10.08.xxxx: 10.08.1070 and below, AOS-CX 10.06.xxxx: 10.06.0210 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.
Source: security-alert@hpe.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6.8
Impact score: 5.9
Exploitability score: 0.9
Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDFA4485-2536-4A2F-8C9E-8D563D9154D2",
            "versionEndIncluding": "10.06.0210",
            "versionStartIncluding": "10.06.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F08D076-E6F5-4168-825E-76ACA0381B6E",
            "versionEndIncluding": "10.08.1070",
            "versionStartIncluding": "10.08.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08415D6F-9E00-4168-8FCD-70A97994F33F",
            "versionEndIncluding": "10.09.1030",
            "versionStartIncluding": "10.09.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3153DF3A-4734-4A19-84DE-6CD94336B4D6",
            "versionEndIncluding": "10.10.0002",
            "versionStartIncluding": "10.10.0000"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:arubanetworks:cx_10000:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C7FDB8CF-F5C9-470E-B6B4-B541B9C8006B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDFA4485-2536-4A2F-8C9E-8D563D9154D2",
            "versionEndIncluding": "10.06.0210",
            "versionStartIncluding": "10.06.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F08D076-E6F5-4168-825E-76ACA0381B6E",
            "versionEndIncluding": "10.08.1070",
            "versionStartIncluding": "10.08.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08415D6F-9E00-4168-8FCD-70A97994F33F",
            "versionEndIncluding": "10.09.1030",
            "versionStartIncluding": "10.09.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3153DF3A-4734-4A19-84DE-6CD94336B4D6",
            "versionEndIncluding": "10.10.0002",
            "versionStartIncluding": "10.10.0000"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:arubanetworks:cx_8325:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9645D616-077B-4313-B5EF-155B642CB073"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDFA4485-2536-4A2F-8C9E-8D563D9154D2",
            "versionEndIncluding": "10.06.0210",
            "versionStartIncluding": "10.06.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F08D076-E6F5-4168-825E-76ACA0381B6E",
            "versionEndIncluding": "10.08.1070",
            "versionStartIncluding": "10.08.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08415D6F-9E00-4168-8FCD-70A97994F33F",
            "versionEndIncluding": "10.09.1030",
            "versionStartIncluding": "10.09.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3153DF3A-4734-4A19-84DE-6CD94336B4D6",
            "versionEndIncluding": "10.10.0002",
            "versionStartIncluding": "10.10.0000"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:arubanetworks:cx_8320:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7C93CD9C-1FD4-4E4A-9E3A-8FF19DE0D3AE"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EDFA4485-2536-4A2F-8C9E-8D563D9154D2",
            "versionEndIncluding": "10.06.0210",
            "versionStartIncluding": "10.06.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1F08D076-E6F5-4168-825E-76ACA0381B6E",
            "versionEndIncluding": "10.08.1070",
            "versionStartIncluding": "10.08.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "08415D6F-9E00-4168-8FCD-70A97994F33F",
            "versionEndIncluding": "10.09.1030",
            "versionStartIncluding": "10.09.0000"
          },
          {
            "criteria": "cpe:2.3:o:arubanetworks:aos-cx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3153DF3A-4734-4A19-84DE-6CD94336B4D6",
            "versionEndIncluding": "10.10.0002",
            "versionStartIncluding": "10.10.0000"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:arubanetworks:cx_9300:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C173D28A-1B18-4BB6-8CF2-95AFC62338DD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References