Vulnerabilities > Arubanetworks > Aruba Instant > 8.3.0.3
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-10 | CVE-2018-7084 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. | 9.8 |
| 2019-05-10 | CVE-2018-7064 | Cross-site Scripting vulnerability in multiple products A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. | 4.3 |
| 2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 5.0 |
| 2019-05-10 | CVE-2018-7082 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. | 7.2 |