Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2023-01-05 CVE-2022-43519 SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.8
2023-01-05 CVE-2022-43520 SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.8
2023-01-05 CVE-2022-43521 SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.8
2023-01-05 CVE-2022-43522 SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.8
2023-01-05 CVE-2022-43523 SQL Injection vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.8
2023-01-05 CVE-2022-43524 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface.
network
low complexity
arubanetworks CWE-79
5.4
2023-01-05 CVE-2022-43525 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
2023-01-05 CVE-2022-43526 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
2023-01-05 CVE-2022-43527 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
2023-01-05 CVE-2022-43528 Improper Authentication vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code.
network
low complexity
arubanetworks CWE-287
6.5