Vulnerabilities > Arubanetworks > Arubaos > 8.3.0.15

DATE CVE VULNERABILITY TITLE RISK
2023-07-05 CVE-2023-35971 Cross-site Scripting vulnerability in Arubanetworks Arubaos
A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
2023-07-05 CVE-2023-35972 Command Injection vulnerability in Arubanetworks Arubaos
An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
network
low complexity
arubanetworks CWE-77
7.2
2023-07-05 CVE-2023-35973 Command Injection vulnerability in Arubanetworks Arubaos
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-77
7.2
2023-07-05 CVE-2023-35974 Command Injection vulnerability in Arubanetworks Arubaos
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-77
7.2
2023-07-05 CVE-2023-35975 Path Traversal vulnerability in Arubanetworks Arubaos
An authenticated path traversal vulnerability exists in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-22
8.1
2023-07-05 CVE-2023-35976 Unspecified vulnerability in Arubanetworks Arubaos
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface.
network
low complexity
arubanetworks
6.5
2023-07-05 CVE-2023-35977 Unspecified vulnerability in Arubanetworks Arubaos
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface.
network
low complexity
arubanetworks
6.5
2023-07-05 CVE-2023-35978 Cross-site Scripting vulnerability in Arubanetworks Arubaos
A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface.
network
low complexity
arubanetworks CWE-79
6.1
2023-07-05 CVE-2023-35979 Classic Buffer Overflow vulnerability in Arubanetworks Arubaos
There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface.
network
low complexity
arubanetworks CWE-120
7.5
2021-09-07 CVE-2019-5318 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0.
7.1