CVE-2023-30510

A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:00

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 4.3
v2 : unknown
v3 : 4.1
References () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt - () https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt -

07 Jul 2023, 15:15

Type Values Removed Values Added
References
  • {'url': 'https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt', 'name': 'https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt', 'tags': ['Broken Link', 'Vendor Advisory'], 'refsource': 'MISC'}
  • (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt -

25 May 2023, 15:42

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 4.3
CPE cpe:2.3:a:arubanetworks:edgeconnect_enterprise:*:*:*:*:*:*:*:*
References (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt - (MISC) https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-0007.txt - Broken Link, Vendor Advisory
CWE NVD-CWE-noinfo

16 May 2023, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-05-16 19:15

Updated : 2024-11-21 08:00


NVD link : CVE-2023-30510

Mitre link : CVE-2023-30510

CVE.ORG link : CVE-2023-30510


JSON object : View

Products Affected

arubanetworks

  • edgeconnect_enterprise