{"vulnerability": "CVE-2023-2277", "sightings": [{"uuid": "767a6cb2-b9b2-4e5f-a072-189e756417b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22779", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/5/kritische-sicherheitslucken-in-arubaos-und-aruba-instantos-updates-verfugbar", "content": "", "creation_timestamp": "2023-05-10T13:22:06.000000Z"}, {"uuid": "559ecd55-3f28-4e0d-aaed-bd9cab343f79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22772", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "dc884266-1561-4694-ad7c-d60462647632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22770", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "e40d3191-61ee-4123-9cb5-fb2176d838a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22771", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "4b3b2751-049a-4e8a-bdc5-8f5af46683d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22773", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "353d7e73-ab89-481f-ab14-5031da47cb67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22774", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "7ebd1ef6-2f08-4e47-859d-b196a2df20ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22776", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "03df04ed-7691-480d-97f6-57b7b3649bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22777", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "0cc70850-fffe-4933-94a8-39add633018d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22778", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "00787459-594d-4c6e-ba2a-e714f84146c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22778", "type": "seen", "source": "Telegram/aeEEKDdD58Zt1QqJFAkg58qsw6Vvn0CpZPEGRnq3UJzfkins", "content": "", "creation_timestamp": "2025-03-08T04:36:10.000000Z"}, {"uuid": "a8220bb7-ef91-4883-95fc-d64d6ff49d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22775", "type": "seen", "source": "https://www.cert.at/de/warnungen/2023/3/kritische-sicherheitslucken-in-arubaos-updates-teilweise-verfugbar", "content": "", "creation_timestamp": "2023-03-02T10:44:57.000000Z"}, {"uuid": "8af29304-f998-4d8f-8902-fe43c924346b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22777", "type": "seen", "source": "Telegram/Og5IbvJm8-ZA2rJ0G_gRvSn4GpeGZRO9zDkU_iM53Jw8knWx", "content": "", "creation_timestamp": "2025-03-08T04:36:10.000000Z"}, {"uuid": "83c99f69-ed44-4fc7-8797-9d94fd43a33d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22776", "type": "seen", "source": "Telegram/UqpKPh8k8arY-y8yKCbqA15Ni_yW4lpKcUm0OI_UcRDLSFgy", "content": "", "creation_timestamp": "2025-03-08T04:35:54.000000Z"}, {"uuid": "bd63edf9-5dac-439c-a719-a004f2024f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22775", "type": "seen", "source": "Telegram/WckIxA25V3m2vgBGDsUD2fNAusJCH5YY_7chb_2sJuq4OcNf", "content": "", "creation_timestamp": "2025-03-08T04:35:54.000000Z"}, {"uuid": "75ffa8b8-090a-4921-9f4b-6fc60cb3e363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22774", "type": "seen", "source": "Telegram/enZPDWT17E_W1exFjf11ndRA17vZVQVWdHnEkFuR7Umjmc0J", "content": "", "creation_timestamp": "2025-03-08T04:35:54.000000Z"}, {"uuid": "32513124-751a-4d7f-bf8b-d38cfefd4fb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22779", "type": "seen", "source": "https://t.me/cibsecurity/63432", "content": "\u203c CVE-2023-22779 \u203c\n\nThere are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated\u00c2\u00a0remote code execution by sending specially crafted packets\u00c2\u00a0destined to the PAPI (Aruba's access point management\u00c2\u00a0protocol) UDP port (8211). Successful exploitation of these\u00c2\u00a0vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-08T18:37:44.000000Z"}, {"uuid": "e7ca3e02-f3d5-4532-9c4f-2bbffcde08d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22773", "type": "seen", "source": "Telegram/YOGvN07r9bgS7VHcP4AZxCTwT1xJrLjnD_P5qpa14KcHttJd", "content": "", "creation_timestamp": "2025-03-08T04:35:54.000000Z"}, {"uuid": "8e94e260-56ec-469b-a236-02bd8cef2688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22772", "type": "seen", "source": "Telegram/_so1R5ofIfq3cs33-CrZ5QJBD4FX8VOWfStnjtQ2xvy_vXLu", "content": "", "creation_timestamp": "2025-03-08T04:35:53.000000Z"}, {"uuid": "20a15a57-dfbf-44c9-9a08-9f66fa0d5286", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2277", "type": "seen", "source": "https://t.me/cibsecurity/65150", "content": "\u203c CVE-2023-2277 \u203c\n\nThe WP Directory Kit plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.9. This is due to missing or incorrect nonce validation on the 'insert' function. This makes it possible for unauthenticated attackers to update the plugin's settings and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-13T07:14:54.000000Z"}, {"uuid": "bde86266-5619-4c69-a57a-cf5f03f5d96f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22770", "type": "seen", "source": "https://t.me/true_secator/4124", "content": "Aruba Networks \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0448\u0435\u0441\u0442\u044c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 PAPI \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0435\u0433\u043e \u0431\u043e\u043b\u0435\u0435 30 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432.\n\nPAPI \u2014 \u044d\u0442\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0442\u043e\u0447\u043a\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438. \u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Aruba Mobility Conductor, \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440\u044b Aruba Mobility Controller, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0448\u043b\u044e\u0437\u044b WLAN \u0438 SD-WAN, \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0435 Aruba Central.\n\n\u0427\u0435\u0442\u044b\u0440\u0435\u043c \u043e\u0448\u0438\u0431\u043a\u0430\u043c, \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u044b \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b CVE, \u043d\u043e \u0435\u0449\u0435 \u043d\u0435 \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b, \u0442\u0430\u043a \u043a\u0430\u043a \u043a\u0430\u0441\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0432\u0432\u043e\u0434\u043e\u0432 \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b.\n\n\u0412 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 Aruba \u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0441\u044f, \u0447\u0442\u043e CVE-2023-22747 - CVE-2023-22750 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0434\u0430\u0441\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u0412 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 \u0442\u0430\u043a\u0436\u0435 \u0435\u0441\u0442\u044c \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0441\u0442\u0435\u043a\u0430, CVE-2023-22751 \u0438 CVE-2023-22752, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u0412\u0441\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0441\u043e\u043e\u0431\u0449\u0438\u043b \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a \u042d\u0440\u0438\u043a \u0434\u0435 \u0419\u043e\u043d\u0433 \u0447\u0435\u0440\u0435\u0437 Bugcrowd, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043f\u0443\u0442\u0435\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0446\u0435\u043b\u0438 \u0447\u0435\u0440\u0435\u0437 UDP-\u043f\u043e\u0440\u0442 8211.\n\nPAPI \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430\u0445 ArubaOS: CVE-2023-22753 - CVE-2023-22757.\n\n\u041e\u0448\u0438\u0431\u043a\u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0431\u0435\u0437 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0447\u0435\u0440\u0435\u0437 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b PAPI.\n\n\u0421\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c, \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0431\u0443\u0444\u0435\u0440\u0430 \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u0442\u0440\u043e\u043a ASN.1 \u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 (CVE-2021-3712), \u043d\u043e \u0435\u0435 \u043c\u043e\u0436\u0435\u0442 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c.\n\n\u0422\u0430\u043a\u0436\u0435 \u0435\u0441\u0442\u044c \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043e\u0448\u0438\u0431\u043e\u043a \u0432 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f ArubaOS (CVE-2023-22758 - CVE-2023-22760 \u0438 CVE-2023-2276) \u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 (CVE-2023-22762 - CVE-2023-22770), \u0432\u0441\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0442\u043e\u043b\u044c\u043a\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u0432\u0435\u0442\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f: ArubaOS 8.6.0.19 \u0438 \u043d\u0438\u0436\u0435, 8.10.0.4 \u0438 \u043d\u0438\u0436\u0435, 10.3.1.0 \u0438 \u043d\u0438\u0436\u0435; \u0432\u043c\u0435\u0441\u0442\u0435 \u0441 SD-WAN 8.7.0.0-2.3.0.8 \u0438 \u043d\u0438\u0436\u0435.\n\n\u041d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0438 Aruba \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430\u0445 \u0438\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435, \u043f\u0440\u0438\u0447\u0435\u043c \u0432 \u0432\u0435\u0442\u043a\u0435 ArubaOS 8.6.x \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435\u043b\u044c\u0437\u044f \u0431\u044b\u043b\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u0442\u044c, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u044d\u0442\u0438\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043f\u0440\u0438\u0434\u0435\u0442\u0441\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u0432\u0435\u0442\u043a\u0438 8.10.x.", "creation_timestamp": "2023-03-02T16:20:07.000000Z"}, {"uuid": "b59c6a2c-1137-488f-81af-aa7b738e60cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22776", "type": "seen", "source": "https://t.me/cibsecurity/59203", "content": "\u203c CVE-2023-22776 \u203c\n\nAn authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:28.000000Z"}, {"uuid": "65b3ddd8-9bce-4d74-9d39-2423b27daaa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22773", "type": "seen", "source": "https://t.me/cibsecurity/59198", "content": "\u203c CVE-2023-22773 \u203c\n\nAuthenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:22.000000Z"}, {"uuid": "053d56de-279c-4855-9ff3-ad33e5f91f66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22775", "type": "seen", "source": "https://t.me/cibsecurity/59213", "content": "\u203c CVE-2023-22775 \u203c\n\nA vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:40.000000Z"}, {"uuid": "8c5f8365-e94c-4191-ae9f-0bb8e93fa05e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22771", "type": "seen", "source": "https://t.me/cibsecurity/59212", "content": "\u203c CVE-2023-22771 \u203c\n\nAn insufficient session expiration vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability allows an attacker to keep a session running on an affected device after the removal of the impacted account\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:38.000000Z"}, {"uuid": "4c8d4544-7f55-4e4c-bb68-78a835cd041e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22778", "type": "seen", "source": "https://t.me/cibsecurity/59209", "content": "\u203c CVE-2023-22778 \u203c\n\nA vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:35.000000Z"}, {"uuid": "e5c30375-e7da-4204-adc3-ec9cff9cf50c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22777", "type": "seen", "source": "https://t.me/cibsecurity/59207", "content": "\u203c CVE-2023-22777 \u203c\n\nAn authenticated information disclosure vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:33.000000Z"}, {"uuid": "4172b2aa-7bee-4d85-8479-7ee8ad061f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22774", "type": "seen", "source": "https://t.me/cibsecurity/59202", "content": "\u203c CVE-2023-22774 \u203c\n\nAuthenticated path traversal vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to delete arbitrary files in the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T12:39:27.000000Z"}]}