Vulnerabilities > Arubanetworks > Edgeconnect SD WAN Orchestrator > 9.1.11

DATE CVE VULNERABILITY TITLE RISK
2024-07-24 CVE-2024-41136 OS Command Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2023-08-22 CVE-2023-37435 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2023-08-22 CVE-2023-37436 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2023-08-22 CVE-2023-37437 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2023-08-22 CVE-2023-37438 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2023-08-22 CVE-2023-37440 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack.
network
low complexity
arubanetworks CWE-918
5.3
5.3