{"vulnerability": "CVE-2023-3597", "sightings": [{"uuid": "ae6e7ae6-f1c8-44db-b3a5-c80e855f512b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35971", "type": "seen", "source": "https://t.me/cibsecurity/65974", "content": "\u203c CVE-2023-35971 \u203c\n\nA vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to\u00c2\u00a0conduct a stored cross-site scripting (XSS) attack against a\u00c2\u00a0user of the interface. A successful exploit could\u00c2\u00a0allow an attacker to execute arbitrary script code in a\u00c2\u00a0victim's browser in the context of the affected interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:21:54.000000Z"}, {"uuid": "94a333e8-1f74-4cd7-8666-457085567b61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35978", "type": "seen", "source": "https://t.me/cibsecurity/65983", "content": "\u203c CVE-2023-35978 \u203c\n\nA vulnerability in ArubaOS could allow an unauthenticated\u00c2\u00a0remote attacker to conduct a reflected cross-site scripting\u00c2\u00a0(XSS) attack against a user of the web-based management\u00c2\u00a0interface. A successful exploit could allow an attacker to\u00c2\u00a0execute arbitrary script code in a victim's browser in the\u00c2\u00a0context of the affected interface.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:22:09.000000Z"}, {"uuid": "f73ee4cb-5bbc-4c6e-9f55-4dda898f2eb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35976", "type": "seen", "source": "https://t.me/cibsecurity/65981", "content": "\u203c CVE-2023-35976 \u203c\n\nVulnerabilities exist which allow an authenticated attacker\u00c2\u00a0to access sensitive information on the ArubaOS command line\u00c2\u00a0interface. Successful exploitation could allow access to data\u00c2\u00a0beyond what is authorized by the users existing privilege\u00c2\u00a0level.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:22:04.000000Z"}, {"uuid": "aab7cfb0-6600-4c68-a697-f83d48867942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35975", "type": "seen", "source": "https://t.me/cibsecurity/65980", "content": "\u203c CVE-2023-35975 \u203c\n\nAn authenticated path traversal vulnerability exists in the\u00c2\u00a0ArubaOS command line interface. Successful exploitation of\u00c2\u00a0this vulnerability results in the ability to delete arbitrary\u00c2\u00a0files in the underlying operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:22:03.000000Z"}, {"uuid": "3dfb685e-42d9-4b39-94b7-0513d7b317c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35977", "type": "seen", "source": "https://t.me/cibsecurity/65979", "content": "\u203c CVE-2023-35977 \u203c\n\nVulnerabilities exist which allow an authenticated attacker\u00c2\u00a0to access sensitive information on the ArubaOS command line\u00c2\u00a0interface. Successful exploitation could allow access to data\u00c2\u00a0beyond what is authorized by the users existing privilege\u00c2\u00a0level.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:22:02.000000Z"}, {"uuid": "5f3ef84f-43f9-46aa-af5b-fb43acf36f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35979", "type": "seen", "source": "https://t.me/cibsecurity/65978", "content": "\u203c CVE-2023-35979 \u203c\n\nThere is an unauthenticated buffer overflow vulnerability\u00c2\u00a0in the process controlling the ArubaOS web-based management\u00c2\u00a0interface. Successful exploitation of this vulnerability\u00c2\u00a0results in a Denial-of-Service (DoS) condition affecting the\u00c2\u00a0web-based management interface of the controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:22:01.000000Z"}, {"uuid": "2d10d2a9-de10-49a5-8cbb-3b60aec5f897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35972", "type": "seen", "source": "https://t.me/cibsecurity/65976", "content": "\u203c CVE-2023-35972 \u203c\n\nAn authenticated remote command injection vulnerability\u00c2\u00a0exists in the ArubaOS web-based management interface.\u00c2\u00a0Successful exploitation of this vulnerability results in the\u00c2\u00a0ability to execute arbitrary commands as a privileged user\u00c2\u00a0on the underlying operating system. This allows an attacker\u00c2\u00a0to fully compromise the underlying operating system on the\u00c2\u00a0device running ArubaOS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:21:56.000000Z"}, {"uuid": "450d844a-e39b-4c9e-b99c-be30ce8357ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35974", "type": "seen", "source": "https://t.me/cibsecurity/65975", "content": "\u203c CVE-2023-35974 \u203c\n\nAuthenticated command injection vulnerabilities exist in\u00c2\u00a0the ArubaOS command line interface. Successful exploitation\u00c2\u00a0of these vulnerabilities result in the ability to execute\u00c2\u00a0arbitrary commands as a privileged user on the underlying\u00c2\u00a0operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:21:55.000000Z"}, {"uuid": "34a66913-a1e5-4b63-8815-ab300a219061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35970", "type": "seen", "source": "https://t.me/ctinow/169002", "content": "https://ift.tt/O3Ftpjm\nCVE-2023-35970 Exploit", "creation_timestamp": "2024-01-16T21:16:36.000000Z"}, {"uuid": "4a8455bf-6125-4dd4-b8cb-bd82d07fb51e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35973", "type": "seen", "source": "https://t.me/cibsecurity/65982", "content": "\u203c CVE-2023-35973 \u203c\n\nAuthenticated command injection vulnerabilities exist in\u00c2\u00a0the ArubaOS command line interface. Successful exploitation\u00c2\u00a0of these vulnerabilities result in the ability to execute\u00c2\u00a0arbitrary commands as a privileged user on the underlying\u00c2\u00a0operating system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-05T18:22:05.000000Z"}]}