Vulnerabilities > Arubanetworks > Arubaos > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-07 | CVE-2021-37723 | Command Injection vulnerability in multiple products A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. | 7.2 |
| 2021-09-07 | CVE-2021-37724 | Command Injection vulnerability in multiple products A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16. | 7.2 |
| 2021-09-07 | CVE-2021-37725 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. | 8.1 |
| 2020-12-11 | CVE-2020-24637 | Unspecified vulnerability in Arubanetworks Arubaos Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. | 7.2 |
| 2020-01-31 | CVE-2016-2032 | Improper Authentication vulnerability in Arubanetworks Aruba Instant and Arubaos A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. | 7.5 |
| 2019-09-13 | CVE-2019-5315 | OS Command Injection vulnerability in Arubanetworks Arubaos A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. | 7.2 |
| 2018-12-07 | CVE-2018-7080 | Unspecified vulnerability in Arubanetworks products A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. high complexity arubanetworks | 7.5 |