Medium severity4.9NVD Advisory· Published Dec 12, 2022· Updated Jun 17, 2026
CVE-2022-43518
CVE-2022-43518
Description
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.
Affected products
2- Range: <=9.2.1.0, <=9.1.3.0, <=9.0.7.0, <=8.3.7.1
- Hewlett Packard Enterprise (HPE)/Aruba EdgeConnect Enterprise Softwarev5Range: ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below;
Patches
Vulnerability mechanics
References
1- www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txtnvdVendor Advisory
News mentions
0No linked articles in our index yet.