First published: Tue Nov 14 2023(Updated: )
Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
|Affected Software||Affected Version||How to fix|
CVE-2023-45625 is a vulnerability that allows authenticated users to execute arbitrary commands as a privileged user on the affected operating system.
CVE-2023-45625 affects Arubanetworks ArubaOS versions 10.3.0.0 through 10.4.0.3, as well as Arubanetworks ArubaOS version 10.5.0.0 and Hp InstantOS versions 220.127.116.11 through 18.104.22.168, 22.214.171.124 through 126.96.36.199, and 188.8.131.52 through 184.108.40.206.
CVE-2023-45625 has a severity rating of 7.2 (high).
An attacker with authenticated access can exploit CVE-2023-45625 by injecting arbitrary commands through the command line interface, allowing them to execute commands as a privileged user.
Yes, a fix for CVE-2023-45625 may be available through a software update or patch released by the vendor. It is recommended to apply the latest updates to mitigate this vulnerability.