CVE-2023-30506 (GCVE-0-2023-30506)

Vulnerability from cvelistv5 – Published: 2023-05-16 18:51 – Updated: 2025-01-31 14:57
VLAI?
Summary
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
Severity ?
7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE
Assigner
hpe
References
Impacted products
Vendor Product Version
Hewlett Packard Enterprise (HPE) Aruba EdgeConnect Enterprise Software Affected: ECOS 9.2.x.x , ≤ 9.2.3.0 (custom)
Affected: ECOS 9.1.x.x , ≤ 9.1.5.0 (custom)
Affected: ECOS 9.0.x.x , ≤ 9.0.8.0 (custom)
Affected: ECOS 8.x.x.x , ≤ all (custom)
Create a notification for this product.
Credits
Daniel Jensen (@dozernz)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T14:28:51.416Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-30506",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T19:18:50.808636Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-31T14:57:56.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Aruba EdgeConnect Enterprise Software",
          "vendor": "Hewlett Packard Enterprise (HPE)",
          "versions": [
            {
              "lessThanOrEqual": "9.2.3.0",
              "status": "affected",
              "version": "ECOS 9.2.x.x",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.1.5.0",
              "status": "affected",
              "version": "ECOS 9.1.x.x",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "9.0.8.0",
              "status": "affected",
              "version": "ECOS 9.0.x.x",
              "versionType": "custom"
            },
            {
              "lessThanOrEqual": "all",
              "status": "affected",
              "version": "ECOS 8.x.x.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "  Daniel Jensen (@dozernz)"
        }
      ],
      "datePublic": "2023-05-23T20:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u0026nbsp;command line interface that allow remote authenticated users\u0026nbsp;to run arbitrary commands on the underlying host. Successful\u0026nbsp;exploitation of these vulnerabilities result in the ability\u0026nbsp;to execute arbitrary commands as root on the underlying\u0026nbsp;operating system leading to complete system compromise."
            }
          ],
          "value": "Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-07T14:30:35.097Z",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2023-30506",
    "datePublished": "2023-05-16T18:51:50.159Z",
    "dateReserved": "2023-04-11T20:22:08.184Z",
    "dateUpdated": "2025-01-31T14:57:56.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"9.0.8.0\", \"matchCriteriaId\": \"D75E6912-3DB4-47C9-87BF-A5D0BFA71743\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.1.0.0\", \"versionEndIncluding\": \"9.1.5.0\", \"matchCriteriaId\": \"40ABD090-E99C-4A19-9540-3A1123FF886B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"9.2.0.0\", \"versionEndIncluding\": \"9.2.3.0\", \"matchCriteriaId\": \"73218F9F-C3F8-4AD2-8116-9CA428995154\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Vulnerabilities exist in the Aruba EdgeConnect Enterprise\\u00a0command line interface that allow remote authenticated users\\u00a0to run arbitrary commands on the underlying host. Successful\\u00a0exploitation of these vulnerabilities result in the ability\\u00a0to execute arbitrary commands as root on the underlying\\u00a0operating system leading to complete system compromise.\"}]",
      "id": "CVE-2023-30506",
      "lastModified": "2024-11-21T08:00:18.803",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"security-alert@hpe.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"HIGH\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.2, \"impactScore\": 5.9}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2023-05-16T19:15:09.817",
      "references": "[{\"url\": \"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt\", \"source\": \"security-alert@hpe.com\"}, {\"url\": \"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "security-alert@hpe.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-30506\",\"sourceIdentifier\":\"security-alert@hpe.com\",\"published\":\"2023-05-16T19:15:09.817\",\"lastModified\":\"2025-01-31T15:15:09.910\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u00a0command line interface that allow remote authenticated users\u00a0to run arbitrary commands on the underlying host. Successful\u00a0exploitation of these vulnerabilities result in the ability\u00a0to execute arbitrary commands as root on the underlying\u00a0operating system leading to complete system compromise.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-alert@hpe.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.2,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.0.8.0\",\"matchCriteriaId\":\"D75E6912-3DB4-47C9-87BF-A5D0BFA71743\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.1.0.0\",\"versionEndIncluding\":\"9.1.5.0\",\"matchCriteriaId\":\"40ABD090-E99C-4A19-9540-3A1123FF886B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"9.2.0.0\",\"versionEndIncluding\":\"9.2.3.0\",\"matchCriteriaId\":\"73218F9F-C3F8-4AD2-8116-9CA428995154\"}]}]}],\"references\":[{\"url\":\"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt\",\"source\":\"security-alert@hpe.com\"},{\"url\":\"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T14:28:51.416Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-30506\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-22T19:18:50.808636Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-22T19:19:10.919Z\"}}], \"cna\": {\"title\": \"Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"  Daniel Jensen (@dozernz)\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Hewlett Packard Enterprise (HPE)\", \"product\": \"Aruba EdgeConnect Enterprise Software\", \"versions\": [{\"status\": \"affected\", \"version\": \"ECOS 9.2.x.x\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.2.3.0\"}, {\"status\": \"affected\", \"version\": \"ECOS 9.1.x.x\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.1.5.0\"}, {\"status\": \"affected\", \"version\": \"ECOS 9.0.x.x\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.0.8.0\"}, {\"status\": \"affected\", \"version\": \"ECOS 8.x.x.x\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"all\"}], \"defaultStatus\": \"affected\"}], \"datePublic\": \"2023-05-23T20:00:00.000Z\", \"references\": [{\"url\": \"https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerabilities exist in the Aruba EdgeConnect Enterprise\\u00a0command line interface that allow remote authenticated users\\u00a0to run arbitrary commands on the underlying host. Successful\\u00a0exploitation of these vulnerabilities result in the ability\\u00a0to execute arbitrary commands as root on the underlying\\u00a0operating system leading to complete system compromise.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Vulnerabilities exist in the Aruba EdgeConnect Enterprise\u0026nbsp;command line interface that allow remote authenticated users\u0026nbsp;to run arbitrary commands on the underlying host. Successful\u0026nbsp;exploitation of these vulnerabilities result in the ability\u0026nbsp;to execute arbitrary commands as root on the underlying\u0026nbsp;operating system leading to complete system compromise.\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"eb103674-0d28-4225-80f8-39fb86215de0\", \"shortName\": \"hpe\", \"dateUpdated\": \"2023-07-07T14:30:35.097Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-30506\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-31T14:57:56.713Z\", \"dateReserved\": \"2023-04-11T20:22:08.184Z\", \"assignerOrgId\": \"eb103674-0d28-4225-80f8-39fb86215de0\", \"datePublished\": \"2023-05-16T18:51:50.159Z\", \"assignerShortName\": \"hpe\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.