CVE-2023-35971 - Vulnerability Details - OpenCVE

A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Arubanetworks	Arubaos Mc-va-10 Mc-va-1k Mc-va-250 Mc-va-50 Mcr-hw-10k Mcr-hw-1k Mcr-hw-5k Mcr-va-10k Mcr-va-1k Mcr-va-50 Mcr-va-500 Mcr-va-5k Sd-wan

Configuration 1 [-]

AND

OR	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::
	cpe:2.3:o:arubanetworks:arubaos::::::::

OR	cpe:2.3:a:arubanetworks:mc-va-10:-:::::::*
	cpe:2.3:a:arubanetworks:mc-va-1k:-:::::::*
	cpe:2.3:a:arubanetworks:mc-va-250:-:::::::*
	cpe:2.3:a:arubanetworks:mc-va-50:-:::::::*
	cpe:2.3:a:arubanetworks:mcr-va-10k:-:::::::*
	cpe:2.3:a:arubanetworks:mcr-va-1k:-:::::::*
	cpe:2.3:a:arubanetworks:mcr-va-50:-:::::::*
	cpe:2.3:a:arubanetworks:mcr-va-500:-:::::::*
	cpe:2.3:a:arubanetworks:mcr-va-5k:-:::::::*
	cpe:2.3:a:arubanetworks:sd-wan:-:::::::*
	cpe:2.3:h:arubanetworks:mcr-hw-10k:-:::::::*
	cpe:2.3:h:arubanetworks:mcr-hw-1k:-:::::::*
	cpe:2.3:h:arubanetworks:mcr-hw-5k:-:::::::*

No data.

References

Link	Providers
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt

History

Mon, 21 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2023-07-05T14:43:11.546Z

Updated: 2024-10-21T21:11:32.335Z

Reserved: 2023-06-20T18:41:22.736Z

Link: CVE-2023-35971

Vulnrichment

Updated: 2024-08-02T16:37:40.574Z

NVD

Status : Modified

Published: 2023-07-05T15:15:09.277

Modified: 2024-11-21T08:09:05.070

Link: CVE-2023-35971

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-35971", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2023-06-20T18:41:22.736Z", "datePublished": "2023-07-05T14:43:11.546Z", "dateUpdated": "2024-10-21T21:11:32.335Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"status": "affected", "version": "- ArubaOS 10.4.x.x: 10.4.0.1 and below"}, {"status": "affected", "version": "- ArubaOS 8.11.x.x: 8.11.1.0 and below"}, {"status": "affected", "version": "- ArubaOS 8.10.x.x: 8.10.0.6 and below"}, {"status": "affected", "version": "- ArubaOS 8.6.x.x: 8.6.0.20 and below"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "123ojp (bugcrowd.com/123ojp)"}], "datePublic": "2023-07-11T19:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface."}], "value": "A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to\u00a0conduct a stored cross-site scripting (XSS) attack against a\u00a0user of the interface. A successful exploit could\u00a0allow an attacker to execute arbitrary script code in a\u00a0victim's browser in the context of the affected interface."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-07-05T14:43:11.546Z"}, "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt"}], "source": {"discovery": "UNKNOWN"}, "title": "Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:37:40.574Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-21T21:07:03.397156Z", "id": "CVE-2023-35971", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T21:11:32.335Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T16:37:40.574Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-35971", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-21T21:07:03.397156Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T21:08:34.488Z"}}], "cna": {"title": "Unauthenticated Stored Cross-Site Scripting (XSS) in ArubaOS Web-based Management Interface", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "123ojp (bugcrowd.com/123ojp)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central", "versions": [{"status": "affected", "version": "- ArubaOS 10.4.x.x: 10.4.0.1 and below"}, {"status": "affected", "version": "- ArubaOS 8.11.x.x: 8.11.1.0 and below"}, {"status": "affected", "version": "- ArubaOS 8.10.x.x: 8.10.0.6 and below"}, {"status": "affected", "version": "- ArubaOS 8.6.x.x: 8.6.0.20 and below"}], "defaultStatus": "affected"}], "datePublic": "2023-07-11T19:00:00.000Z", "references": [{"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to\u00a0conduct a stored cross-site scripting (XSS) attack against a\u00a0user of the interface. A successful exploit could\u00a0allow an attacker to execute arbitrary script code in a\u00a0victim's browser in the context of the affected interface.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2023-07-05T14:43:11.546Z"}}}, "cveMetadata": {"cveId": "CVE-2023-35971", "state": "PUBLISHED", "dateUpdated": "2024-10-21T21:11:32.335Z", "dateReserved": "2023-06-20T18:41:22.736Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2023-07-05T14:43:11.546Z", "assignerShortName": "hpe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "matchCriteriaId": "F16AFF8F-596A-4153-8529-36AD2E142066", "versionEndExcluding": "8.6.0.21", "versionStartIncluding": "6.5.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "matchCriteriaId": "DC566921-54C3-4368-A7FB-1F68F964975C", "versionEndExcluding": "8.10.0.7", "versionStartIncluding": "8.7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "matchCriteriaId": "A22E7E61-B318-47C8-8C72-498A17031997", "versionEndExcluding": "8.11.1.1", "versionStartIncluding": "8.11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*", "matchCriteriaId": "6418722E-304A-46EF-8D9E-EB42596F0DFC", "versionEndExcluding": "10.4.0.2", "versionStartIncluding": "10.4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:arubanetworks:mc-va-10:-:*:*:*:*:*:*:*", "matchCriteriaId": "51A31372-168E-4182-BFE0-440403454DC5", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mc-va-1k:-:*:*:*:*:*:*:*", "matchCriteriaId": "F519E5CF-474B-4564-9DC4-AE6FC58A48A7", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mc-va-250:-:*:*:*:*:*:*:*", "matchCriteriaId": "51478694-008E-47A4-B8AF-497BA81EC80D", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mc-va-50:-:*:*:*:*:*:*:*", "matchCriteriaId": "A10EF4D1-35E8-41BB-8453-19F0F3623D25", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mcr-va-10k:-:*:*:*:*:*:*:*", "matchCriteriaId": "FA5AF43C-F2E3-44E7-B4E3-AC315B0B0DB2", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mcr-va-1k:-:*:*:*:*:*:*:*", "matchCriteriaId": "276FF1F2-7353-4AF4-8BDA-8B78B5DCF688", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mcr-va-50:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBCAB5D5-EB6D-460A-A8C7-0A2A9E813776", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mcr-va-500:-:*:*:*:*:*:*:*", "matchCriteriaId": "413B049C-8B7F-4BAC-8170-2BF3B0EEA43F", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:mcr-va-5k:-:*:*:*:*:*:*:*", "matchCriteriaId": "F87B24FC-9C99-4CF7-9481-74686E48E800", "vulnerable": false}, {"criteria": "cpe:2.3:a:arubanetworks:sd-wan:-:*:*:*:*:*:*:*", "matchCriteriaId": "47E812E5-4476-4335-97D7-3D0E2A5E9E9B", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:mcr-hw-10k:-:*:*:*:*:*:*:*", "matchCriteriaId": "2CA9CA7B-AC2C-408A-B759-E2F4778B20ED", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:mcr-hw-1k:-:*:*:*:*:*:*:*", "matchCriteriaId": "38A42369-3558-4015-AF7B-7F2E2465AE61", "vulnerable": false}, {"criteria": "cpe:2.3:h:arubanetworks:mcr-hw-5k:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0D8DDC4-17FB-4A9D-BB01-E8C130B04ED2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to\u00a0conduct a stored cross-site scripting (XSS) attack against a\u00a0user of the interface. A successful exploit could\u00a0allow an attacker to execute arbitrary script code in a\u00a0victim's browser in the context of the affected interface."}], "id": "CVE-2023-35971", "lastModified": "2024-11-21T08:09:05.070", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 6.0, "source": "security-alert@hpe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-07-05T15:15:09.277", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}