CVE-2024-41136 - Vulnerability Details - OpenCVE

An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Arubanetworks	Edgeconnect Sd-wan Orchestrator

Configuration 1 [-]

OR	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator::::::::
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator::::::::
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:8.0.0:::::::*
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.0.0:::::::*
	cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:::::::*

No data.

References

Link	Providers
https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt

History

No history.

MITRE

Status: PUBLISHED

Assigner: hpe

Published: 2024-07-24T20:05:42.905Z

Updated: 2024-08-02T04:46:51.624Z

Reserved: 2024-07-15T21:54:25.878Z

Link: CVE-2024-41136

Vulnrichment

Updated: 2024-07-25T13:22:36.224Z

NVD

Status : Modified

Published: 2024-07-24T21:15:11.857

Modified: 2024-11-21T09:32:18.327

Link: CVE-2024-41136

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-41136", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "state": "PUBLISHED", "assignerShortName": "hpe", "dateReserved": "2024-07-15T21:54:25.878Z", "datePublished": "2024-07-24T20:05:42.905Z", "dateUpdated": "2024-08-02T04:46:51.624Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "HPE Aruba Networking EdgeConnect SD-WAN", "vendor": "Hewlett Packard Enterprise (HPE)", "versions": [{"lessThanOrEqual": "<=9.3.3.0", "status": "affected", "version": "ECOS 9.3.x.x: 9.3.3.0 and below", "versionType": "semver"}, {"lessThanOrEqual": "<=9.2.9.0", "status": "affected", "version": "ECOS 9.2.x.x: 9.2.9.0 and below", "versionType": "semver"}, {"lessThanOrEqual": "<=9.1.11.0", "status": "affected", "version": "ECOS 9.1.x.x: 9.1.11.0 and below", "versionType": "semver"}, {"lessThanOrEqual": "<=9.0.x.x", "status": "affected", "version": "ECOS 9.0.x.x: all builds are affected and are out of maintenance.", "versionType": "semver"}, {"lessThanOrEqual": "<=8.0.x.x", "status": "affected", "version": "ECOS 8.0.x.x: all builds are affected and are out of maintenance.", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "Daniel Jensen (bugcrowd.com/dozernz)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n<br>"}], "value": "An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2024-07-24T20:05:42.905Z"}, "references": [{"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt"}], "source": {"advisory": "HPESBNW04673", "discovery": "EXTERNAL"}, "title": "Authenticated Command Injection in HPE Aruba Networking EdgeConnect SD-WAN Command Line Interface", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-77", "lang": "en", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "affected": [{"vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "9.3.0", "status": "affected", "lessThanOrEqual": "9.3.3.0", "versionType": "semver"}]}, {"vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "9.2.0", "status": "affected", "lessThanOrEqual": "9.2.9.0", "versionType": "semver"}]}, {"vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "9.1.0", "status": "affected", "lessThanOrEqual": "9.1.11.0", "versionType": "semver"}]}, {"vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "9.0.0", "status": "affected", "lessThan": "9.1.0", "versionType": "semver"}]}, {"vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:8.0.0:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "versions": [{"version": "8.0.0", "status": "affected", "lessThan": "8.0.1", "versionType": "semver"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-07-25T13:17:26.089025Z", "id": "CVE-2024-41136", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-25T13:54:12.192Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T04:46:51.624Z"}, "title": "CVE Program Container", "references": [{"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Authenticated Command Injection in HPE Aruba Networking EdgeConnect SD-WAN Command Line Interface", "source": {"advisory": "HPESBNW04673", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "Daniel Jensen (bugcrowd.com/dozernz)"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Hewlett Packard Enterprise (HPE)", "product": "HPE Aruba Networking EdgeConnect SD-WAN", "versions": [{"status": "affected", "version": "ECOS 9.3.x.x: 9.3.3.0 and below", "versionType": "semver", "lessThanOrEqual": "<=9.3.3.0"}, {"status": "affected", "version": "ECOS 9.2.x.x: 9.2.9.0 and below", "versionType": "semver", "lessThanOrEqual": "<=9.2.9.0"}, {"status": "affected", "version": "ECOS 9.1.x.x: 9.1.11.0 and below", "versionType": "semver", "lessThanOrEqual": "<=9.1.11.0"}, {"status": "affected", "version": "ECOS 9.0.x.x: all builds are affected and are out of maintenance.", "versionType": "semver", "lessThanOrEqual": "<=9.0.x.x"}, {"status": "affected", "version": "ECOS 8.0.x.x: all builds are affected and are out of maintenance.", "versionType": "semver", "lessThanOrEqual": "<=8.0.x.x"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.", "supportingMedia": [{"type": "text/html", "value": "An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.\n\n<br>", "base64": false}]}], "providerMetadata": {"orgId": "eb103674-0d28-4225-80f8-39fb86215de0", "shortName": "hpe", "dateUpdated": "2024-07-24T20:05:42.905Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-41136", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-07-25T13:17:26.089025Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "versions": [{"status": "affected", "version": "9.3.0", "versionType": "semver", "lessThanOrEqual": "9.3.3.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.2.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "versions": [{"status": "affected", "version": "9.2.0", "versionType": "semver", "lessThanOrEqual": "9.2.9.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.1.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "versions": [{"status": "affected", "version": "9.1.0", "versionType": "semver", "lessThanOrEqual": "9.1.11.0"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "versions": [{"status": "affected", "version": "9.0.0", "lessThan": "9.1.0", "versionType": "semver"}], "defaultStatus": "unaffected"}, {"cpes": ["cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:8.0.0:*:*:*:*:*:*:*"], "vendor": "arubanetworks", "product": "edgeconnect_sd-wan_orchestrator", "versions": [{"status": "affected", "version": "8.0.0", "lessThan": "8.0.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')"}]}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2024-07-25T13:22:36.224Z"}}]}, "cveMetadata": {"cveId": "CVE-2024-41136", "state": "PUBLISHED", "dateUpdated": "2024-07-24T20:05:42.905Z", "dateReserved": "2024-07-15T21:54:25.878Z", "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0", "datePublished": "2024-07-24T20:05:42.905Z", "assignerShortName": "hpe"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "58523FB7-51C6-47A6-ACDF-057008EE7F2A", "versionEndIncluding": "9.1.11", "versionStartIncluding": "9.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:*:*:*:*:*:*:*:*", "matchCriteriaId": "E20B1C8F-4068-4B88-9819-3913A2A2AB7F", "versionEndIncluding": "9.2.9", "versionStartIncluding": "9.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B192B735-604E-49DB-910A-93912220AB2E", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "673B3C88-A3F3-4027-A4BA-53FAF47A45BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:arubanetworks:edgeconnect_sd-wan_orchestrator:9.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "141D0310-AE35-48FA-953A-1F2019370717", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos autenticada en la interfaz de l\u00ednea de comandos de las puertas de enlace SD-WAN HPE Aruba Networking EdgeConnect. La explotaci\u00f3n exitosa de esta vulnerabilidad da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el sistema operativo subyacente."}], "id": "CVE-2024-41136", "lastModified": "2024-11-21T09:32:18.327", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 5.9, "source": "security-alert@hpe.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-07-24T21:15:11.857", "references": [{"source": "security-alert@hpe.com", "tags": ["Vendor Advisory"], "url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://csaf.arubanetworks.com/2024/hpe_aruba_networking_-_hpesbnw04673.txt"}], "sourceIdentifier": "security-alert@hpe.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-77"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}