Vulnerabilities > Aruba Networks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-12-15 | CVE-2008-5563 | Resource Management Errors vulnerability in multiple products Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. | 7.8 |
| 2008-05-16 | CVE-2008-2272 | Cross-Site Scripting vulnerability in Aruba Networks Aruba Mobility Controller Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2008-01-09 | CVE-2008-0150 | Improper Authentication vulnerability in Aruba Networks Aruba Mobility Controllers Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access. | 6.8 |
| 2007-11-20 | CVE-2007-6054 | Cross-Site Scripting vulnerability in Aruba Networks Mc-800 Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /screens URI, related to the url variable. | 4.3 |