How severe is CVE-2022-23684?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.8 out of 10.

What type of vulnerability is CVE-2022-23684?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2022-23684 - HIGH Severity | CVSS 8.8

Vulnerability Description

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an attacker to escalate privileges beyond their authorized level in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability.

Related Vulnerabilities

CVE-2008-3431

HIGH

CVSS:8.8(High)

The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with th...

NVD-CWE-Other2008

CVE-2010-3730

HIGH

CVSS:8.8(High)

Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to manage properties, which allows remote attackers to have an unspecified impact via a crafted web sit...

NVD-CWE-Other2010

CVE-2011-2668

HIGH

CVSS:8.8(High)

Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the content-length header

NVD-CWE-Other2011

CVE-2012-1856

HIGH

CVSS:8.8(High)

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Ser...

NVD-CWE-Other2012

CVE-2012-3490

HIGH

CVSS:8.8(High)

The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x befor...

NVD-CWE-Other2012

CVE-2012-6307

HIGH

CVSS:8.8(High)

A vulnerability exists in JPEGsnoop 1.5.2 due to an unspecified issue in JPEG file handling, which could let a malicious user execute arbitrary code

NVD-CWE-Other2012