Vulnerability-Lookup

FKIE_CVE-2023-28460

Vulnerability from fkie_nvd - Published: 2023-03-15 23:15 - Updated: 2024-11-21 07:55

Severity

7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Summary

A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer.

References

	URL	Tags
	cve@mitre.org	https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Vulnerabilities_APV_ID-133258.pdf	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Vulnerabilities_APV_ID-133258.pdf	Vendor Advisory

Impacted products

Vendor	Product	Version
arraynetworks	array_os	*
arraynetworks	array_os	*
arraynetworks	array_os	*
arraynetworks	array_os	10.4.3.2
arraynetworks	apv10650	-
arraynetworks	apv11600	-
arraynetworks	apv1600	-
arraynetworks	apv1600t	-
arraynetworks	apv1600v5	-
arraynetworks	apv1800	-
arraynetworks	apv2600	-
arraynetworks	apv2600v5	-
arraynetworks	apv2800	-
arraynetworks	apv3600	-
arraynetworks	apv3600v5	-
arraynetworks	apv3650	-
arraynetworks	apv5600	-
arraynetworks	apv5800	-
arraynetworks	apv6600	-
arraynetworks	apv6600fips	-
arraynetworks	apv7600	-
arraynetworks	apv7800	-
arraynetworks	apv800	-
arraynetworks	vapv	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arraynetworks:array_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B95D68DD-66E0-49E9-A629-CFC27B1B64AE",
              "versionEndIncluding": "8.6.1.243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arraynetworks:array_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A495E881-FB00-4D4F-823B-74E09A8FFF13",
              "versionEndIncluding": "10.4.0.79",
              "versionStartIncluding": "9.0.1.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arraynetworks:array_os:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B21C2B5E-B719-405E-A440-8E696B1CE783",
              "versionEndIncluding": "10.4.2.58",
              "versionStartIncluding": "10.4.2.12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arraynetworks:array_os:10.4.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2866A3C-911B-451E-8D1E-FB2D3FE44BD1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv10650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B8896E1-0827-4DF6-A632-59E1C070BF04",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv11600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B8B1A9F-751E-4DB9-89EB-26EDAD38D277",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv1600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D1CE39-AAE9-41E8-9EBE-52CE62F04A12",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv1600t:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B69124F-8796-41C8-AEDF-A78623777E04",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv1600v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5593430D-614C-41B7-BFDE-DC386B071E2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv1800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A31B40DD-3C61-45E4-9A32-CAC257E28C4A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv2600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC12DCC-F257-4FF8-9AC3-F45F1AF1C3E8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv2600v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEC95ED6-D1DC-4E64-917F-36796B5B2492",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv2800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F54F2DE-889D-4036-AB92-74EE347FF689",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv3600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F1DC25-40C7-433C-A8A1-5BA0BF7B8203",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv3600v5:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "243C97F3-4440-4A7D-BF6A-59CDC5611001",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv3650:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "71B5A8EA-7442-4F51-9A2B-1658A9918534",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv5600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D0CEF16-7C68-4BA0-BD75-210DD155255F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv5800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E3C0C3B-09EB-411D-90DF-69B0F90024C4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv6600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7209BC0E-E55F-4071-923F-25DD4FA3C281",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv6600fips:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3025939-798D-4B63-A3FE-712E15D6CC3F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv7600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF0EC72-8236-430B-B759-46ACFEF3E9CD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv7800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "935D6EB4-2B2C-43E0-8FCF-01B559840DF8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:apv800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1D81145-DB70-4819-BA19-773102337AA8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:h:arraynetworks:vapv:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C18E4F55-6CF4-40D8-954E-12640A4D5224",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer."
    }
  ],
  "id": "CVE-2023-28460",
  "lastModified": "2024-11-21T07:55:07.767",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-15T23:15:10.013",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Vulnerabilities_APV_ID-133258.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Vulnerabilities_APV_ID-133258.pdf"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2023-28460 (GCVE-0-2023-28460)

Vulnerability from cvelistv5 – Published: 2023-03-15 00:00 – Updated: 2025-02-27 14:18

Summary

Severity

No CVSS data available.

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

CWE

Assigner

mitre

References

1 reference

URL	Tags
https://support.arraynetworks.net/prx/001/http/su…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:38:25.363Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Vulnerabilities_APV_ID-133258.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28460",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-27T14:18:23.252471Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T14:18:37.236Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection vulnerability was discovered in Array Networks APV products. A remote attacker can send a crafted packet after logging into the affected appliance as an administrator, resulting in arbitrary shell code execution. This is fixed in 8.6.1.262 or newer and 10.4.2.93 or newer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-15T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_Command_Injection_Vulnerabilities_APV_ID-133258.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-28460",
    "datePublished": "2023-03-15T00:00:00.000Z",
    "dateReserved": "2023-03-15T00:00:00.000Z",
    "dateUpdated": "2025-02-27T14:18:37.236Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2023-28460

CVE-2023-28460 (GCVE-0-2023-28460)

Tags

Sightings

Nomenclature