Vulnerabilities > Arubanetworks
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-08 | CVE-2022-37918 | Unspecified vulnerability in Arubanetworks Airwave Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. | 8.1 |
2022-10-28 | CVE-2022-37913 | Unspecified vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. | 9.8 |
2022-10-28 | CVE-2022-37914 | Unspecified vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. | 9.8 |
2022-10-28 | CVE-2022-37915 | Unspecified vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. | 9.8 |
2022-10-07 | CVE-2022-37893 | OS Command Injection vulnerability in multiple products An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. | 7.8 |
2022-10-07 | CVE-2022-37894 | An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. | 6.5 |
2022-10-07 | CVE-2022-37895 | An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. | 4.9 |
2022-10-07 | CVE-2022-37896 | Cross-site Scripting vulnerability in multiple products A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
2022-10-07 | CVE-2022-37885 | Classic Buffer Overflow vulnerability in multiple products There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). | 9.8 |
2022-10-07 | CVE-2022-37886 | Classic Buffer Overflow vulnerability in multiple products There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). | 9.8 |