CVE-2023-45626
First published: Tue Nov 14 2023(Updated: )
An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Arubanetworks Arubaos | >=10.3.0.0<10.4.0.3 | |
| Arubanetworks Arubaos | =10.5.0.0 | |
| Hp Instantos | >=6.4.0.0<8.6.0.23 | |
| Hp Instantos | >=8.10.0.0<8.10.0.9 | |
| Hp Instantos | >=8.11.0.0<8.11.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-45626.
What is the severity level of CVE-2023-45626?
The severity level of CVE-2023-45626 is high.
Which software is affected by CVE-2023-45626?
The affected software includes Arubanetworks ArubaOS versions 10.3.0.0 to 10.4.0.3, 10.5.0.0, and Hp InstantOS versions 6.4.0.0 to 8.6.0.23, 8.10.0.0 to 8.10.0.9, and 8.11.0.0 to 8.11.2.0.
What can an attacker do with CVE-2023-45626?
An attacker can establish highly privileged persistent arbitrary code execution across boot cycles.
Is there a fix available for CVE-2023-45626?
It is recommended to refer to the Aruba Networks advisory at https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt for instructions on how to address the vulnerability.
- collector/mitre-cve
- collector/nvd-api
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/tags
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/arubanetworks
- canonical/arubanetworks arubaos
- version/arubanetworks arubaos/10.3.0.0
- version/arubanetworks arubaos/10.5.0.0
- vendor/hp
- canonical/hp instantos
- version/hp instantos/6.4.0.0
- version/hp instantos/8.10.0.0
- version/hp instantos/8.11.0.0