Vulnerabilities > Arubanetworks

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-15	CVE-2020-24641	Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Airwave Glass In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. network low complexity arubanetworks CWE-918	5.0
2021-01-15	CVE-2020-24640	Unspecified vulnerability in Arubanetworks Airwave Glass There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. network low complexity arubanetworks critical	10.0
2021-01-15	CVE-2020-24639	Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave Glass There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. network low complexity arubanetworks CWE-502 critical	10.0
2021-01-15	CVE-2020-24638	Unspecified vulnerability in Arubanetworks Airwave Glass Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. network low complexity arubanetworks critical	9.0
2020-12-11	CVE-2020-24637	Unspecified vulnerability in Arubanetworks Arubaos Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. network low complexity arubanetworks critical	9.0
2020-12-11	CVE-2020-24634	Command Injection vulnerability in Arubanetworks Arubaos An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. network low complexity arubanetworks CWE-77 critical	10.0
2020-12-11	CVE-2020-24633	Classic Buffer Overflow vulnerability in Arubanetworks Arubaos There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. network low complexity arubanetworks CWE-120 critical	10.0
2020-11-04	CVE-2020-7129	Command Injection vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. network low complexity arubanetworks CWE-77 critical	9.0
2020-11-04	CVE-2020-7128	Command Injection vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. network low complexity arubanetworks CWE-77 critical	10.0
2020-10-26	CVE-2020-7127	Unspecified vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. network low complexity arubanetworks	7.5

Vulnerabilities > Arubanetworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Arubanetworks"}]}

Vulnerabilities > Arubanetworks