Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2022-09-06 CVE-2022-23690 Unspecified vulnerability in Arubanetworks Aos-Cx
A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch.
network
low complexity
arubanetworks
5.3
2022-09-06 CVE-2022-23691 Unspecified vulnerability in Arubanetworks Aos-Cx
A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication.
low complexity
arubanetworks
6.8
2022-05-17 CVE-2022-23674 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-79
5.4
2022-05-17 CVE-2022-23669 Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-613
8.8
2022-05-17 CVE-2022-23671 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
7.5
2022-05-17 CVE-2022-23672 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
7.2
2022-05-17 CVE-2022-23673 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
7.2
2022-05-17 CVE-2022-23675 Cross-site Scripting vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-79
4.8
2022-05-16 CVE-2022-23667 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
7.2
2022-05-16 CVE-2022-23668 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-918
4.9