Vulnerabilities > Arubanetworks > Aruba Instant > 8.3.0.5
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-10 | CVE-2018-7084 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. | 9.8 |
2019-05-10 | CVE-2018-7064 | Cross-site Scripting vulnerability in multiple products A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. | 6.1 |
2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 7.5 |
2019-05-10 | CVE-2018-7082 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. | 7.2 |