← Volver a CVEs
CVE-2023-38401
HIGH7.8
Descripcion
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow local users to elevate privileges. Successful exploitation could allow execution of arbitrary code with NT AUTHORITY\SYSTEM privileges on the operating system.
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado8/15/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
hp:aruba_virtual_intranet_accessmicrosoft:windows
Referencias
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt(security-alert@hpe.com)
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-011.txt(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.