Multiple vulnerabilities in Aruba EdgeConnect Enterprise Orchestrator
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 13 |
| CVE-ID | CVE-2022-43519 CVE-2022-43520 CVE-2022-43521 CVE-2022-43522 CVE-2022-43523 CVE-2022-43524 CVE-2022-43525 CVE-2022-43526 CVE-2022-43527 CVE-2022-43528 CVE-2022-43529 CVE-2022-44534 CVE-2022-44535 |
| CWE-ID | CWE-89 CWE-79 CWE-287 CWE-613 CWE-78 CWE-284 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
EdgeConnect Enterprise Orchestrator Server applications / Other server solutions |
| Vendor |
Security Bulletin
This security bulletin contains information about 13 vulnerabilities.
1) SQL injection
EUVDB-ID: #VU70303
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43519
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote authenticated user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Install updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) SQL injection
EUVDB-ID: #VU70304
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43520
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote authenticated user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Install updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) SQL injection
EUVDB-ID: #VU70305
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43521
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote authenticated user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Install updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) SQL injection
EUVDB-ID: #VU70306
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43522
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote authenticated user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Install updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) SQL injection
EUVDB-ID: #VU70307
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43523
CWE-ID:
CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary SQL queries in database.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote authenticated user can send a specially crafted request to the affected application and execute arbitrary SQL commands within the application database.
Install updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Stored cross-site scripting
EUVDB-ID: #VU70308
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43524
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote user to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote user can permanently inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) Cross-site scripting
EUVDB-ID: #VU70309
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43525
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) Cross-site scripting
EUVDB-ID: #VU70310
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43526
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Cross-site scripting
EUVDB-ID: #VU70311
Risk: Low
CVSSv3.1: 5.3 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43527
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the web-based management interface. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) Improper Authentication
EUVDB-ID: #VU70312
Risk: Low
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43528
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass multi-factor authentication process.
The vulnerability exists due to an error in handling of multi-factor authentication. A remote user can bypass multi-factor authentication process and gain access to the application without providing the second token.
Install updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) Insufficient Session Expiration
EUVDB-ID: #VU70313
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-43529
CWE-ID:
CWE-613 - Insufficient Session Expiration
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient session expiration issue, related to improper invalidation of previously issues session tokens even after a password reset or similar session clearing events. A remote non-authenticated attacker can obtain or guess session token and gain unauthorized access to session that belongs to another user.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) OS Command Injection
EUVDB-ID: #VU70314
Risk: Medium
CVSSv3.1: 6.3 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-44534
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote user to execute arbitrary shell commands on the target system.
The vulnerability exists due to unspecified vulnerability in the web-based management interface. A remote authenticated administrator can execute arbitrary OS commands as root on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
13) Improper access control
EUVDB-ID: #VU70315
Risk: Medium
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-44535
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges with in the application.
The vulnerability exists due to improper access restrictions within the web-based management interface. A remote user can bypass implemented security restrictions and gain administrative access to the application.
MitigationInstall updates from vendor's website.
Vulnerable software versionsEdgeConnect Enterprise Orchestrator: before 9.2.2.40291
External linkshttp://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-021.txt
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
