Vulnerabilities > Arubanetworks > Aruba Instant > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-10-12 CVE-2021-37726 Classic Buffer Overflow vulnerability in multiple products
A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2.
network
low complexity
arubanetworks siemens CWE-120
critical
 9.8
9.8
2020-01-31 CVE-2016-2031 Improper Input Validation vulnerability in multiple products
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.
network
low complexity
arubanetworks siemens CWE-20
critical
 9.8
9.8
2019-05-10 CVE-2018-7084 OS Command Injection vulnerability in multiple products
A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system.
network
low complexity
arubanetworks siemens CWE-78
critical
 9.8
9.8