CVE-2023-28461 (GCVE-0-2023-28461)

Vulnerability from cvelistv5 – Published: 2023-03-15 00:00 – Updated: 2025-10-21 23:15
VLAI CISA Shadowserver KEVIntel
Summary
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated "a new Array AG release with the fix will be available soon."
SSVC
Exploitation: active Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • n/a
  • CWE-306 - Missing Authentication for Critical Function
Assigner
Impacted products
Vendor Product Version
arraynetworks arrayos_ag Affected: 0 , ≤ 9.4.0.481 (custom)
    cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*
Create a notification for this product.
CISA
Known Exploited Vulnerability - GCVE BCP-07 Compliant

Vulnerability ID: CVE-2023-28461

Status: Confirmed

Status Updated: 2024-11-25 00:00 UTC

Exploited: Yes


Timestamps
First Seen: 2024-11-25
Asserted: 2024-11-25

Scope
Notes: KEV entry: Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability | Affected: Array Networks / AG/vxAG ArrayOS | Description: Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-12-16 | Known ransomware campaign use (KEV): Known | Notes (KEV): https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2023-28461

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev


Details
Cwes CWE-306
Feed CISA Known Exploited Vulnerabilities Catalog
Product AG/vxAG ArrayOS
Due Date 2024-12-16
Date Added 2024-11-25
Vendorproject Array Networks
Vulnerabilityname Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability
Knownransomwarecampaignuse Known

References

Created: 2026-02-02 12:26 UTC | Updated: 2026-02-06 07:17 UTC
Shadowserver
Known Exploited Vulnerability - GCVE BCP-07 Compliant

Vulnerability ID: CVE-2023-28461

Status: Confirmed

Status Updated: 2025-01-14 00:00 UTC

Exploited: Yes


Characteristics
Severity: 98.0

Timestamps
First Seen: 2024-12-03
Asserted: 2024-12-03
Last Seen: 2025-01-14

Scope
Asset Exposure: ['internet-facing']
Notes: Affected: Array Networks / Array AG Series and vxAG | Class: firewall | Severity: Critical (CVSS 9.8) | IoT: no | In CISA KEV: yes | Honeypot connections on 2025-01-14: 1

Evidence

Type: Honeypot

Signal: In The Wild Attempts

Confidence: 70%

Source: shadowserver


Details
1D 1
Iot no
Feed Shadowserver Foundation honeypot/exploited-vulnerabilities
Type http-scan
Class firewall
7D Avg 0
Vendor Array Networks
30D Avg 0
90D Avg 0
Product Array AG Series and vxAG
Cisa Kev yes
Connections 1
Observation Date 2025-01-14
Vulnerability Class CVSS
Vulnerability Score 9.8
Vulnerability Severity Critical

References

Created: 2026-06-30 09:59 UTC | Updated: 2026-06-30 12:06 UTC
KEVIntel
Known Exploited Vulnerability - GCVE BCP-07 Compliant

Vulnerability ID: CVE-2023-28461

Status: Confirmed

Status Updated: 2024-11-25 00:00 UTC

Exploited: Yes


Timestamps
First Seen: 2024-11-25
Asserted: 2024-11-25

Scope
Notes: KEVIntel entry: Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN... | Affected: Array Networks / Array AG Series and vxAG | CVSS: 9.8 (CRITICAL) | Used in malware: yes | Not yet in CISA KEV: False

Evidence

Type: Public Report

Signal: Confirmed Compromise

Confidence: 70%

Source: kevintel


Details
Feed KEVIntel (kevintel.com)
Title Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN...
Vendor Array Networks
Product Array AG Series and vxAG
Added Date 2024-11-25T00:00:00.000Z
Cvss Score 9.8
Epss Score None
Cvss Severity CRITICAL
Epss Percentile None
Used In Malware yes
Ahead Of Cisa Kev None
Not Yet In Cisa Kev False

References

Created: 2026-06-23 14:06 UTC | Updated: 2026-07-10 06:14 UTC
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:38:25.279Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "arrayos_ag",
            "vendor": "arraynetworks",
            "versions": [
              {
                "lessThanOrEqual": "9.4.0.481",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-28461",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-26T04:55:26.280443Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-11-25",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-306",
                "description": "CWE-306 Missing Authentication for Critical Function",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:15:23.174Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2024-11-25T00:00:00.000Z",
            "value": "CVE-2023-28461 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \"a new Array AG release with the fix will be available soon.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-15T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-28461",
    "datePublished": "2023-03-15T00:00:00.000Z",
    "dateReserved": "2023-03-15T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:15:23.174Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2023-28461",
      "cwes": "[\"CWE-306\"]",
      "dateAdded": "2024-11-25",
      "dueDate": "2024-12-16",
      "knownRansomwareCampaignUse": "Known",
      "notes": "https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf ; https://nvd.nist.gov/vuln/detail/CVE-2023-28461",
      "product": "AG/vxAG ArrayOS",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Array Networks AG and vxAG ArrayOS contain a missing authentication for critical function vulnerability that allows an attacker to read local files and execute code on the SSL VPN gateway.",
      "vendorProject": "Array Networks ",
      "vulnerabilityName": "Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability"
    },
    "epss": {
      "cve": "CVE-2023-28461",
      "date": "2026-07-12",
      "epss": "0.67645",
      "percentile": "0.99231"
    },
    "fkie_nvd": {
      "cisaActionDue": "2024-12-16",
      "cisaExploitAdd": "2024-11-25",
      "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "cisaVulnerabilityName": "Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"9.4.0.481\", \"matchCriteriaId\": \"D704D079-D1AF-40EA-98E7-BE1E01371B11\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBE11A77-8C2F-46CA-87BA-47624380FFC1\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5ED51E1F-3155-40C6-B61C-73D6A9F64987\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0BC33CF-FA0B-4556-B11E-61FF9B14880A\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5E025A9D-6B7C-42B6-95EA-0A5726A919F4\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0771D54C-15DF-403C-8CFA-B1E7D0136F50\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C9F6B87-E3D2-419A-B086-B981EF912F80\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D385DBD0-C4A9-4168-82C2-832E0E40F42D\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01569AB3-736D-47FE-86DD-F08ACDDCD11E\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"22E45185-071F-414A-AF78-4739F15A1D93\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C6F0988E-5E75-486A-9229-956D38A51C35\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6E149796-E3D7-4FAF-AB64-8D273E701861\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \\\"a new Array AG release with the fix will be available soon.\\\"\"}]",
      "id": "CVE-2023-28461",
      "lastModified": "2024-12-02T17:15:05.133",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}]}",
      "published": "2023-03-15T23:15:10.070",
      "references": "[{\"url\": \"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}, {\"url\": \"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\", \"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"tags\": [\"Mitigation\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-287\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-306\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-28461\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2023-03-15T23:15:10.070\",\"lastModified\":\"2026-06-17T05:47:47.443\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \\\"a new Array AG release with the fix will be available soon.\\\"\"}],\"affected\":[{\"source\":\"cve@mitre.org\",\"affectedData\":[{\"vendor\":\"n/a\",\"product\":\"n/a\",\"versions\":[{\"version\":\"n/a\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"arraynetworks\",\"product\":\"arrayos_ag\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"0\",\"lessThanOrEqual\":\"9.4.0.481\",\"versionType\":\"custom\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-11-26T04:55:26.280443Z\",\"id\":\"CVE-2023-28461\",\"options\":[{\"exploitation\":\"active\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"total\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"cisaExploitAdd\":\"2024-11-25\",\"cisaActionDue\":\"2024-12-16\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Array Networks AG and vxAG ArrayOS Missing Authentication for Critical Function Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-306\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:arraynetworks:arrayos_ag:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"9.4.0.481\",\"matchCriteriaId\":\"D704D079-D1AF-40EA-98E7-BE1E01371B11\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1000:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBE11A77-8C2F-46CA-87BA-47624380FFC1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1000t:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5ED51E1F-3155-40C6-B61C-73D6A9F64987\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1000v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0BC33CF-FA0B-4556-B11E-61FF9B14880A\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1100v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9C8C9AE-AF59-4E5A-93CD-A394F1A31FA0\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1150:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E025A9D-6B7C-42B6-95EA-0A5726A919F4\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1200:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0771D54C-15DF-403C-8CFA-B1E7D0136F50\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1200v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C9F6B87-E3D2-419A-B086-B981EF912F80\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1500:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D385DBD0-C4A9-4168-82C2-832E0E40F42D\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1500fips:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01569AB3-736D-47FE-86DD-F08ACDDCD11E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1500v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"22E45185-071F-414A-AF78-4739F15A1D93\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C6F0988E-5E75-486A-9229-956D38A51C35\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:ag1600v5:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D09E2CC-C1B5-40DC-AD1A-7C6AB20525DC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:arraynetworks:vxag:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E149796-E3D7-4FAF-AB64-8D273E701861\"}]}]}],\"references\":[{\"url\":\"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "redhat_vex": {
      "current_release_date": "2026-03-27T11:41:57+00:00",
      "cve": "CVE-2023-28461",
      "id": "CVE-2023-28461",
      "initial_release_date": "2023-01-01T00:00:00+00:00",
      "product_status:known_not_affected": "1",
      "source": "Red Hat CSAF VEX",
      "status": "final",
      "title": "CVE-2023-28461",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2023/cve-2023-28461.json",
      "version": "3"
    },
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T12:38:25.279Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-28461\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-11-26T04:55:26.280443Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-11-25\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:arraynetworks:arrayos_ag:-:*:*:*:*:*:*:*\"], \"vendor\": \"arraynetworks\", \"product\": \"arrayos_ag\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"9.4.0.481\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-11-25T00:00:00.000Z\", \"value\": \"CVE-2023-28461 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-28461\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-306\", \"description\": \"CWE-306 Missing Authentication for Critical Function\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-11-22T18:02:36.814Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Remote_Code_Execution_Vulnerability_AG.pdf\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable URL. The 2023-03-09 vendor advisory stated \\\"a new Array AG release with the fix will be available soon.\\\"\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2023-03-15T00:00:00.000Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-28461\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:15:23.174Z\", \"dateReserved\": \"2023-03-15T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2023-03-15T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…