Vulnerabilities > Arubanetworks > Arubaos > 8.8.0.0

DATE CVE VULNERABILITY TITLE RISK
2022-12-12 CVE-2022-37908 Unspecified vulnerability in Arubanetworks Arubaos and Sd-Wan
An authenticated attacker can impact the integrity of the ArubaOS bootloader on 7xxx series controllers.
network
low complexity
arubanetworks
6.5
6.5
2022-12-12 CVE-2022-37909 Unspecified vulnerability in Arubanetworks Arubaos and Sd-Wan
Aruba has identified certain configurations of ArubaOS that can lead to sensitive information disclosure from the configured ESSIDs.
high complexity
arubanetworks
5.3
5.3
2022-12-12 CVE-2022-37910 Classic Buffer Overflow vulnerability in Arubanetworks Arubaos and Sd-Wan
A buffer overflow vulnerability exists in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-120
6.5
6.5
2022-12-12 CVE-2022-37911 XXE vulnerability in Arubanetworks Arubaos and Sd-Wan
Due to improper restrictions on XML entities multiple vulnerabilities exist in the command line interface of ArubaOS.
network
low complexity
arubanetworks CWE-611
5.5
5.5
2022-12-12 CVE-2022-37912 OS Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2021-09-07 CVE-2021-37725 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15.
network
low complexity
arubanetworks siemens CWE-352
8.1
8.1
2021-09-07 CVE-2021-37728 Path Traversal vulnerability in multiple products
A remote path traversal vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.8.0.1, 8.7.1.4, 8.6.0.11, 8.5.0.13.
network
low complexity
arubanetworks siemens CWE-22
6.5
6.5