Vulnerabilities > Aruba > Mobility Controller
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-26 | CVE-2007-4023 | Cross-Site Scripting vulnerability in Aruba Mobility Controllers Login Pages Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. network aruba | 4.3 |
2007-02-14 | CVE-2007-0932 | Permissions, Privileges, and Access Controls vulnerability in multiple products The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN. | 7.5 |
2007-02-14 | CVE-2007-0931 | Multiple vulnerability in Aruba Mobility Controller Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings. | 7.5 |