Vulnerabilities > Arubanetworks > Aruba Edgeconnect Enterprise Orchestrator > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-05 | CVE-2022-43524 | Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. | 5.4 |
| 2023-01-05 | CVE-2022-43525 | Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2023-01-05 | CVE-2022-43526 | Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2023-01-05 | CVE-2022-43527 | Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
| 2023-01-05 | CVE-2022-43528 | Unspecified vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code. | 6.5 |
| 2023-01-05 | CVE-2022-43529 | Session Fixation vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an remote attacker to persist a session after a password reset or similar session clearing event. | 5.4 |