VYPR
Unrated severityNVD Advisory· Published Nov 3, 2022· Updated May 2, 2025

CVE-2022-37902

CVE-2022-37902

Description

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

Affected products

2
  • Hewlett Packard Enterprise/Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Centralv5
    Range: ArubaOS 6.5.4.x: 6.5.4.23 and above; ArubaOS 8.6.x: 8.6.0.18 and above; ArubaOS 8.7.x: 8.7.1.10 and above; ArubaOS 8.10.x: 8.10.0.0 and above; ArubaOS 10.3.x: 10.3.0.1 and above; SD-WAN-2.3.0.x: 8.7.0.0-2.3.0.7 and above

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.