Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-37887 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37889 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37890 Classic Buffer Overflow vulnerability in multiple products
Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37891 Classic Buffer Overflow vulnerability in multiple products
Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-10-07 CVE-2022-37892 Cross-site Scripting vulnerability in multiple products
A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks siemens CWE-79
5.4
2022-10-06 CVE-2022-37888 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
9.8
2022-09-20 CVE-2022-23685 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection.
network
low complexity
arubanetworks CWE-352
8.8
2022-09-20 CVE-2022-23692 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.
network
low complexity
arubanetworks CWE-89
8.8
2022-09-20 CVE-2022-23693 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.
network
low complexity
arubanetworks CWE-89
8.8
2022-09-20 CVE-2022-23694 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance.
network
low complexity
arubanetworks CWE-89
8.8