Vulnerabilities > Arubanetworks > Edgeconnect SD WAN Orchestrator
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-22 | CVE-2023-37427 | Unspecified vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to run arbitrary commands on the underlying host. | 7.2 |
| 2023-08-22 | CVE-2023-37428 | Path Traversal vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. | 7.2 |
| 2023-08-22 | CVE-2023-37429 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37430 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37431 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37432 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37433 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37434 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 8.1 |
| 2023-08-22 | CVE-2023-37435 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 6.5 |
| 2023-08-22 | CVE-2023-37436 | SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. | 6.5 |