CVE-2023-38402 - Vulnerability Details - OpenCVE

A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00138.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Hp Subscribe	Aruba Virtual Intranet Access Subscribe
Microsoft Subscribe	Windows Subscribe

Configuration 1 [-]

AND

cpe:2.3:a:hp:aruba_virtual_intranet_access:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

No data.

No data.

Advisories

Source	ID	Title
EUVD	EUVD-2023-42219	A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt

History

Thu, 03 Oct 2024 14:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2023-08-15T18:47:59.783Z

Updated: 2024-10-03T13:39:07.179Z

Reserved: 2023-07-17T15:44:25.991Z

Link: CVE-2023-38402

Vulnrichment

Updated: 2024-08-02T17:39:13.552Z

NVD

Status : Modified

Published: 2023-08-15T19:15:10.490

Modified: 2024-11-21T08:13:29.527

Link: CVE-2023-38402

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

NVD-CWE-noinfo

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-38402", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2023-07-17T15:44:25.991Z", "datePublished": "2023-08-15T18:47:59.783Z", "dateUpdated": "2024-10-03T13:39:07.179Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["Windows"], "product": "HPE Aruba Networking Virtual Intranet Access (VIA)", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"lessThanOrEqual": "<=4.5.0", "status": "affected", "version": "HPE Aruba Networking Virtual Intranet Access (VIA) client for Microsoft Windows", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Gee-netics"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process."}], "value": "A vulnerability in the HPE Aruba Networking Virtual Intranet\u00a0Access (VIA) client could allow malicious users to overwrite\u00a0arbitrary files as NT AUTHORITY\\SYSTEM. A successful\u00a0exploit could allow these malicious users to create a\u00a0Denial-of-Service (DoS) condition affecting the Microsoft\u00a0Windows operating System boot process."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-08-15T18:47:59.783Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:13.552Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-03T13:38:22.931372Z", "id": "CVE-2023-38402", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T13:39:07.179Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T17:39:13.552Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-38402", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-03T13:38:22.931372Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-03T13:38:32.612Z"}}], "cna": {"title": "Arbitrary File Overwrite in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Gee-netics"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "HPE Aruba Networking Virtual Intranet Access (VIA)", "versions": [{"status": "affected", "version": "HPE Aruba Networking Virtual Intranet Access (VIA) client for Microsoft Windows", "versionType": "semver", "lessThanOrEqual": "<=4.5.0"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the HPE Aruba Networking Virtual Intranet\u00a0Access (VIA) client could allow malicious users to overwrite\u00a0arbitrary files as NT AUTHORITY\\SYSTEM. A successful\u00a0exploit could allow these malicious users to create a\u00a0Denial-of-Service (DoS) condition affecting the Microsoft\u00a0Windows operating System boot process.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\\SYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-08-15T18:47:59.783Z"}}}, "cveMetadata": {"cveId": "CVE-2023-38402", "state": "PUBLISHED", "dateUpdated": "2024-10-03T13:39:07.179Z", "dateReserved": "2023-07-17T15:44:25.991Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2023-08-15T18:47:59.783Z", "assignerShortName": "hpe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:aruba_virtual_intranet_access:*:*:*:*:*:*:*:*", "matchCriteriaId": "5985F387-86D2-4DF3-A7E3-948B843D85E5", "versionEndExcluding": "4.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the HPE Aruba Networking Virtual Intranet\u00a0Access (VIA) client could allow malicious users to overwrite\u00a0arbitrary files as NT AUTHORITY\\SYSTEM. A successful\u00a0exploit could allow these malicious users to create a\u00a0Denial-of-Service (DoS) condition affecting the Microsoft\u00a0Windows operating System boot process."}], "id": "CVE-2023-38402", "lastModified": "2024-11-21T08:13:29.527", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "security-alert@hpe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-15T19:15:10.490", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}