Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2021-04-29 CVE-2021-29138 Unspecified vulnerability in Arubanetworks Clearpass
A remote disclosure of privileged information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks
6.5
2021-04-29 CVE-2021-29140 XXE vulnerability in Arubanetworks Clearpass
A remote XML external entity (XXE) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-611
8.2
2021-04-29 CVE-2021-29144 Unspecified vulnerability in Arubanetworks Clearpass
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks
6.5
2021-04-29 CVE-2021-29145 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Clearpass
A remote server side request forgery (SSRF) remote code execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-918
critical
9.8
2021-04-29 CVE-2021-29137 Open Redirect vulnerability in Arubanetworks Airwave
A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-601
6.1
2021-04-29 CVE-2021-29147 OS Command Injection vulnerability in Arubanetworks Clearpass
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-78
8.8
2021-04-29 CVE-2021-29146 Cross-site Scripting vulnerability in Arubanetworks Clearpass
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1.
network
low complexity
arubanetworks CWE-79
5.4
2021-04-29 CVE-2021-25167 OS Command Injection vulnerability in Arubanetworks Airwave
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-78
8.8
2021-04-29 CVE-2021-25166 OS Command Injection vulnerability in Arubanetworks Airwave
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-78
8.8
2021-04-29 CVE-2021-25163 XXE vulnerability in Arubanetworks Airwave
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-611
8.1