CVE-2022-23678

2022-09-0617:18:52

hpe

www.cve.org

aruba

virtual intranet access

via

microsoft windows

security vulnerability

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

53.3%

JSON

A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to intercept sensitive information in Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system versions: 4.3.0 build 2208101 and below. Aruba has released upgrades for Virtual Intranet Access (VIA) Client that address this security vulnerability.

CNA Affected

[
  {
    "product": "Aruba Virtual Intranet Access (VIA)",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Windows Client Only - All versions lower than VIA 4.3.0 build 2208101"
      }
    ]
  }
]

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-011.txt