Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2024-07-30 CVE-2024-41916 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format.
network
low complexity
arubanetworks
4.9
4.9
2024-07-30 CVE-2024-5486 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format.
network
low complexity
arubanetworks
4.9
4.9
2024-07-24 CVE-2024-41136 OS Command Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2024-07-24 CVE-2024-22444 Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
6.1
2024-07-24 CVE-2024-22443 Unspecified vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a server-side prototype pollution attack.
network
low complexity
arubanetworks
8.8
8.8
2024-07-24 CVE-2024-41914 Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface.
network
low complexity
arubanetworks CWE-79
critical
 9.0
9.0
2024-05-14 CVE-2024-31467 There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp
critical
 9.8
9.8
2024-05-14 CVE-2024-31468 There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp
critical
 9.8
9.8
2024-05-14 CVE-2024-31469 There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp
critical
 9.8
9.8
2024-05-14 CVE-2024-31470 There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's Access Point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp
critical
 9.8
9.8