CVE-2023-1168

Authenticated Remote Code Execution in Aruba CX Switches

Description

An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system, leading to a complete compromise of the switch running AOS-CX.

References

Link	Tags
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-004.txt	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2023-1168?: CVE-2023-1168 has been scored as a high severity vulnerability.
How to fix CVE-2023-1168?: To fix CVE-2023-1168, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-1168 being actively exploited in the wild?: It is possible that CVE-2023-1168 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-1168?: CVE-2023-1168 affects Hewlett Packard Enterprise (HPE) Aruba CX 10000 Switch Series, Aruba CX 9300 Switch Series, Aruba CX 8400 Switch Series, Aruba CX 8360 Switch Series, Aruba CX 8325 Switch Series, Aruba CX 8320 Switch Series, Aruba CX 6400 Switch Series, Aruba CX 6300 Switch Series, Aruba CX 6200F Switch Series.

Description

Category

CWE-77 – Improper Neutralization of Special Elements used in a Command ('Command Injection')

References

Frequently Asked Questions