Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2023-03-22 CVE-2023-25594 Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance.
network
low complexity
arubanetworks CWE-863
8.8
2023-03-22 CVE-2023-25595 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information.
local
low complexity
arubanetworks
5.5
2023-03-22 CVE-2023-25596 Cleartext Storage of Sensitive Information vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format.
network
low complexity
arubanetworks CWE-312
4.9
2023-03-01 CVE-2023-22747 Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-77
critical
9.8
2023-03-01 CVE-2023-22748 Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-77
critical
9.8
2023-03-01 CVE-2023-22749 Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-77
critical
9.8
2023-03-01 CVE-2023-22750 Command Injection vulnerability in Arubanetworks Arubaos and Sd-Wan
There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-77
critical
9.8
2023-03-01 CVE-2023-22751 Out-of-bounds Write vulnerability in Arubanetworks Arubaos and Sd-Wan
There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-787
critical
9.8
2023-03-01 CVE-2023-22752 Out-of-bounds Write vulnerability in Arubanetworks Arubaos and Sd-Wan
There are stack-based buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point management protocol) UDP port (8211).
network
low complexity
arubanetworks CWE-787
critical
9.8
2023-03-01 CVE-2023-22753 Classic Buffer Overflow vulnerability in Arubanetworks Arubaos and Sd-Wan
There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol.
network
low complexity
arubanetworks CWE-120
critical
9.8