What is CVE-2023-22791?

CVE-2023-22791 is a vulnerability that exists in Aruba InstantOS and ArubaOS 10, which can lead to sensitive information being disclosed via the WLAN.

How does CVE-2023-22791 impact my system?

CVE-2023-22791 can result in the disclosure of sensitive information on systems running Aruba InstantOS and ArubaOS 10.

What is the severity of CVE-2023-22791?

CVE-2023-22791 has a severity level of 4.8, which is considered medium.

How can I fix CVE-2023-22791?

To fix CVE-2023-22791, it is recommended to update to the latest version of Aruba InstantOS or ArubaOS 10.

Where can I find more information about CVE-2023-22791?

You can find more information about CVE-2023-22791 at the following link: [https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt)

Vulnerability/
CVE-2023-22791

medium

5.4

8/5/2023

12/5/2023

CVE-2023-22791

First published: Mon May 08 2023(Updated: )

A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker.

Credit: security-alert@hpe.com

Affected Software	Affected Version	How to fix
Arubanetworks Arubaos	>=10.3.0.0<=10.3.1.0
Hp Instantos	>=6.4.0.0<=6.4.4.8-4.2.4.20
Hp Instantos	>=6.5.0.0<=6.5.4.23
Hp Instantos	>=8.4.0.0<8.6.0.0
Hp Instantos	>=8.6.0.0<=8.6.0.19
Hp Instantos	>=8.7.0.0<=8.9.0.0
Hp Instantos	>=8.10.0.0<=8.10.0.4

Never miss a vulnerability like this again

Reference Links

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt

Frequently Asked Questions

What is CVE-2023-22791?
CVE-2023-22791 is a vulnerability that exists in Aruba InstantOS and ArubaOS 10, which can lead to sensitive information being disclosed via the WLAN.
How does CVE-2023-22791 impact my system?
CVE-2023-22791 can result in the disclosure of sensitive information on systems running Aruba InstantOS and ArubaOS 10.
What is the severity of CVE-2023-22791?
CVE-2023-22791 has a severity level of 4.8, which is considered medium.
How can I fix CVE-2023-22791?
To fix CVE-2023-22791, it is recommended to update to the latest version of Aruba InstantOS or ArubaOS 10.
Where can I find more information about CVE-2023-22791?
You can find more information about CVE-2023-22791 at the following link: [https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt)

collector/nvd-latest
collector/nvd-index
vendor/arubanetworks
canonical/arubanetworks arubaos
version/arubanetworks arubaos/10.3.0.0
version/arubanetworks arubaos/10.3.1.0
vendor/hp
canonical/hp instantos
version/hp instantos/6.4.0.0
version/hp instantos/6.4.4.8-4.2.4.20
version/hp instantos/6.5.0.0
version/hp instantos/6.5.4.23
version/hp instantos/8.4.0.0
version/hp instantos/8.6.0.0
version/hp instantos/8.6.0.19
version/hp instantos/8.7.0.0
version/hp instantos/8.9.0.0
version/hp instantos/8.10.0.0
version/hp instantos/8.10.0.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.