CVE-2023-22791
Description
A vulnerability exists in Aruba InstantOS and ArubaOS 10where an edge-case combination of network configuration, aspecific WLAN environment and an attacker already possessingvalid user credentials on that WLAN can lead to sensitiveinformation being disclosed via the WLAN. The scenarios inwhich this disclosure of potentially sensitive informationcan occur are complex and depend on factors that are beyondthe control of the attacker.
Risk Information
Base Score
4.8
MODERATE
Vector
CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.162
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| CVE-2023-22791 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234