U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2023-28461

Change History

Initial Analysis by NIST 3/24/2023 10:57:24 AM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
AND
     OR
          *cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:* versions up to (including) 9.4.0.481
     OR
          cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*
          cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*
Added CVSS V3.1

								
							
							
						
NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Added CWE

								
							
							
						
NIST CWE-287
Changed Reference Type
https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf No Types Assigned
https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf Mitigation, Vendor Advisory