CVE-2023-35975 : What You Need to Know
Discover how CVE-2023-35975 affects Aruba Mobility Conductor, Controllers, WLAN Gateways, and SD-WAN Gateways, the impact, and mitigation steps to prevent unauthorized file deletion.
An authenticated path traversal vulnerability exists in the ArubaOS command line interface, allowing the deletion of arbitrary files in the underlying operating system.
Understanding CVE-2023-35975
This CVE identifies a critical vulnerability in Aruba Mobility Conductor, Controllers, WLAN Gateways, and SD-WAN Gateways managed by Aruba Central, impacting multiple versions of ArubaOS.
What is CVE-2023-35975?
CVE-2023-35975 is an authenticated path traversal vulnerability in the ArubaOS command line interface, enabling attackers to delete any files within the operating system, leading to potential system compromise.
The Impact of CVE-2023-35975
The exploitation of this vulnerability can result in high availability impact and integrity compromise. Attackers with high privileges can exploit this flaw to disrupt system operations and delete crucial files.
Technical Details of CVE-2023-35975
This section provides specific technical details related to the vulnerability affecting the systems and versions mentioned.
Vulnerability Description
An authenticated path traversal vulnerability in ArubaOS CLI allows attackers to delete arbitrary files on the system, posing a significant risk to system integrity.
Affected Systems and Versions
- Aruba Mobility Conductor (formerly Mobility Master); Aruba Mobility Controllers; WLAN Gateways and SD-WAN Gateways managed by Aruba Central
- ArubaOS 10.4.x.x: 10.4.0.1 and below
- ArubaOS 8.11.x.x: 8.11.1.0 and below
- ArubaOS 8.10.x.x: 8.10.0.6 and below
- ArubaOS 8.6.x.x: 8.6.0.20 and below
Exploitation Mechanism
The vulnerability can be exploited by authenticated attackers via the ArubaOS CLI to traverse the path and delete critical files, impacting system availability and integrity.
Mitigation and Prevention
To safeguard systems against CVE-2023-35975, immediate action must be taken to mitigate the risk and prevent potential exploitation.
Immediate Steps to Take
- Apply security patches provided by Hewlett Packard Enterprise (HPE) to update the affected versions of ArubaOS.
- Monitor system logs for any unusual activities.
Long-Term Security Practices
- Regularly update and patch all software to address known vulnerabilities.
- Enforce the principle of least privilege to limit potential damage by privileged accounts.
Patching and Updates
Stay informed about security advisories and updates released by HPE for the affected Aruba devices and promptly apply patches to ensure system security.