OpenCVE

A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Arubanetworks	Edgeconnect Sd-wan Orchestrator
Hpe	Edgeconnect Sd-wan Orchestrator

Configuration 1 [-]

OR	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator::::::::
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator::::::::
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator::::::::
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:::::::*

No data.

References

Link	Providers
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt

History

Thu, 03 Oct 2024 15:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Hpe Hpe edgeconnect Sd-wan Orchestrator
CPEs		cpe:2.3:a:hpe:edgeconnect_sd-wan_orchestrator::::::::
Vendors & Products		Hpe Hpe edgeconnect Sd-wan Orchestrator
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2023-08-22T18:04:50.122Z

Updated: 2024-10-03T14:48:07.190Z

Reserved: 2023-07-05T17:36:47.997Z

Link: CVE-2023-37428

Vulnrichment

Updated: 2024-08-02T17:16:29.573Z

NVD

Status : Modified

Published: 2023-08-22T19:16:37.423

Modified: 2024-11-21T08:11:41.380

Link: CVE-2023-37428

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-37428", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2023-07-05T17:36:47.997Z", "datePublished": "2023-08-22T18:04:50.122Z", "dateUpdated": "2024-10-03T14:48:07.190Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "EdgeConnect SD-WAN Orchestrator", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"lessThanOrEqual": "<=9.3.0", "status": "affected", "version": "Orchestrator 9.3.x", "versionType": "semver"}, {"lessThanOrEqual": "<=9.2.5", "status": "affected", "version": "Orchestrator 9.2.x", "versionType": "semver"}, {"lessThanOrEqual": "<=9.1.7", "status": "affected", "version": "Orchestrator 9.1.x", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Daniel Jensen (@dozernz)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise."}], "value": "A vulnerability in the EdgeConnect SD-WAN Orchestrator\u00a0web-based management interface allows remote authenticated\u00a0users to run arbitrary commands on the underlying host.\u00a0A successful exploit could allow an attacker to execute\u00a0arbitrary commands as root on the underlying operating system\u00a0leading to complete system compromise."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-08-22T18:04:50.122Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Authenticated Remote Code Execution via Path Traversal in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:16:29.573Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "hpe", "product": "edgeconnect_sd-wan_orchestrator", "cpes": ["cpe:2.3:a:hpe:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "9.1x", "status": "affected", "lessThanOrEqual": "9.1.7", "versionType": "semver"}, {"version": "9.2x", "status": "affected", "lessThanOrEqual": "9.2.5", "versionType": "semver"}, {"version": "9.3x", "status": "affected", "lessThanOrEqual": "9.3.0", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-03T14:45:59.634603Z", "id": "CVE-2023-37428", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T14:48:07.190Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:16:29.573Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-37428", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-03T14:45:59.634603Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:hpe:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*"], "vendor": "hpe", "product": "edgeconnect_sd-wan_orchestrator", "versions": [{"status": "affected", "version": "9.1x", "versionType": "semver", "lessThanOrEqual": "9.1.7"}, {"status": "affected", "version": "9.2x", "versionType": "semver", "lessThanOrEqual": "9.2.5"}, {"status": "affected", "version": "9.3x", "versionType": "semver", "lessThanOrEqual": "9.3.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T14:47:59.780Z"}}], "cna": {"title": "Authenticated Remote Code Execution via Path Traversal in EdgeConnect SD-WAN Orchestrator Web-Based Management Interface", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Daniel Jensen (@dozernz)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "EdgeConnect SD-WAN Orchestrator", "versions": [{"status": "affected", "version": "Orchestrator 9.3.x", "versionType": "semver", "lessThanOrEqual": "<=9.3.0"}, {"status": "affected", "version": "Orchestrator 9.2.x", "versionType": "semver", "lessThanOrEqual": "<=9.2.5"}, {"status": "affected", "version": "Orchestrator 9.1.x", "versionType": "semver", "lessThanOrEqual": "<=9.1.7"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the EdgeConnect SD-WAN Orchestrator\u00a0web-based management interface allows remote authenticated\u00a0users to run arbitrary commands on the underlying host.\u00a0A successful exploit could allow an attacker to execute\u00a0arbitrary commands as root on the underlying operating system\u00a0leading to complete system compromise.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-08-22T18:04:50.122Z"}}}, "cveMetadata": {"cveId": "CVE-2023-37428", "state": "PUBLISHED", "dateUpdated": "2024-10-03T14:48:07.190Z", "dateReserved": "2023-07-05T17:36:47.997Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2023-08-22T18:04:50.122Z", "assignerShortName": "hpe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "5E893AD7-C02C-4608-AF2E-01FDF300DFF0", "versionEndIncluding": "9.0.5", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "A49FCAD2-9EAA-4A38-9416-96C130C6E3CE", "versionEndIncluding": "9.1.7", "versionStartIncluding": "9.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B72D752-0E1E-4D9F-8DE7-848EA8161402", "versionEndIncluding": "9.2.5", "versionStartIncluding": "9.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the EdgeConnect SD-WAN Orchestrator\u00a0web-based management interface allows remote authenticated\u00a0users to run arbitrary commands on the underlying host.\u00a0A successful exploit could allow an attacker to execute\u00a0arbitrary commands as root on the underlying operating system\u00a0leading to complete system compromise."}], "id": "CVE-2023-37428", "lastModified": "2024-11-21T08:11:41.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-22T19:16:37.423", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}