Vulnerabilities > CVE-2007-4023 - Cross-Site Scripting vulnerability in Aruba Mobility Controllers Login Pages
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
NONE Integrity impact
PARTIAL Availability impact
NONE network
aruba
Summary
Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 1 |
References
- http://osvdb.org/36469
- http://secunia.com/advisories/26192
- http://www.arubanetworks.com/support/alerts/aid-070907b.asc
- http://www.kb.cert.org/vuls/id/680449
- http://www.securityfocus.com/bid/25059
- http://www.securitytracker.com/id?1018457
- http://www.vupen.com/english/advisories/2007/2646
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35605