Faced with multiple critical severity vulnerabilities that allow remote attackers to compromise the host, Aruba has issued security updates for the EdgeConnect Enterprise Orchestrator.
Aruba EdgeConnect Orchestrator is a common WAN management solution that provides enterprise users with features such as optimization, administration, automation, and real-time visibility and monitoring.
Critical and easily exploitable flaws in this product pose risks to systems and networks, so administrators should prioritize applying available security updates, as Bleeping Computer explained.
Here are the vulnerabilities that Aruba fixed in their latest updates:
- CVE-2022-37913 and CVE-2022-37914 (CVSS v3.1 – 9.8) These authentication bypass flaws in EdgeConnect Orchestrator’s web-based management interface and could allow an remote attacker to bypass authentication. When this flaw is successfully exploited, an attacker’s privileges are elevated to administrator without credentials, opening the door to complete host compromise.
- CVE-2022-37915 (CVSS v3.1 – 9.8) A flaw in EdgeConnect Orchestrator’s web-based management interface allows arbitrary command execution on the underlying host, resulting in complete system compromise.
The following versions were released to address the serious security flaws:
The vendor doesn’t support older versions, so they won’t get a security update for the above flaws. Therefore, it is suggested that users of older versions upgrade to a newer product release as soon as possible.
In the security advisory, the vendor suggests restricting the product’s CLI and web-based management interfaces to a dedicated layer 2 segment/VLAN or setting firewall policies to layer 3 and above.
Aruba stated that as of the 12th of October it had not detected active exploitation of the previously mentioned flaws and has not seen any discussions or proof of concept exploits that target the vulnerabilities.
Aruba Networks is a cloud-based networking platform specializing in wired, wireless, and SD-WAN solutions that use AI to automate and secure the network from edge-to-cloud and a subsidiary of Hewlett Packard Enterprise company. The division has faced cyberattacks in the past, one of them related by my colleague Dora in this article from 2021.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.