CVE-2022-37903

CVSS V2 None CVSS V3 None
Description
A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system.
Overview
  • CVE ID
  • CVE-2022-37903
  • Assigner
  • security-alert@hpe.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-12T13:15:12
  • Last Modified Date
  • 2022-12-15T15:25:20
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:a:arubanetworks:sd-wan:*:*:*:*:*:*:*:* 1 OR 8.7.0.0-2.3.0.0 8.7.0.0-2.3.0.7
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* 1 OR 6.5.4.0 6.5.4.23
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* 1 OR 8.4.0.0 8.6.0.18
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* 1 OR 8.7.0.0 8.7.1.10
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:* 1 OR 8.8.0.0 8.9.0.3
cpe:2.3:o:arubanetworks:arubaos:10.3.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:arubanetworks:7005:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7008:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7010:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7024:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7030:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7205:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7210:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7220:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7240xm:-:*:*:*:*:*:*:* 0 OR
cpe:2.3:h:arubanetworks:7280:-:*:*:*:*:*:*:* 0 OR
History
Created Old Value New Value Data Type Notes
2022-12-12 13:15:34 Added to TrackCVE
2022-12-12 14:15:53 2022-12-12T13:15:12.863 2022-12-12T13:15:12 CVE Published Date updated
2022-12-12 14:15:53 2022-12-12T13:17:56 CVE Modified Date updated
2022-12-12 14:15:53 Received Awaiting Analysis Vulnerability Status updated
2022-12-12 20:15:48 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2022-12-15 16:17:43 2022-12-15T15:25:20 CVE Modified Date updated
2022-12-15 16:17:43 Undergoing Analysis Analyzed Vulnerability Status updated
2022-12-15 16:17:43 CWE-787 Weakness Enumeration new
2022-12-15 16:17:43 CPE Information updated