An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.
References
Link | Resource |
---|---|
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-018.txt | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hpe
Published: 2022-11-30T19:26:15.407Z
Updated: 2022-12-12T12:11:04.548862Z
Reserved: 2022-10-20T12:58:24.594Z
Link: CVE-2022-43518
JSON object: View
NVD Information
Status : Modified
Published: 2022-12-12T13:15:14.857
Modified: 2023-11-07T03:53:54.207
Link: CVE-2022-43518
JSON object: View
Redhat Information
No data.
CWE