Vulnerabilities > Arubanetworks
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-12148 | OS Command Injection vulnerability in Arubanetworks Edgeconnect Enterprise A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. | 6.8 |
| 2020-12-11 | CVE-2020-24637 | Unspecified vulnerability in Arubanetworks Arubaos Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. | 7.2 |
| 2020-12-11 | CVE-2020-24634 | Command Injection vulnerability in Arubanetworks Arubaos An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | 9.8 |
| 2020-12-11 | CVE-2020-24633 | Classic Buffer Overflow vulnerability in Arubanetworks Arubaos There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | 9.8 |
| 2020-11-04 | CVE-2020-7129 | Unspecified vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 7.2 |
| 2020-11-04 | CVE-2020-7128 | Missing Authentication for Critical Function vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 9.8 |
| 2020-10-26 | CVE-2020-7127 | Unspecified vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 9.8 |
| 2020-10-26 | CVE-2020-7126 | Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 5.8 |
| 2020-10-26 | CVE-2020-7125 | Improper Privilege Management vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 8.8 |
| 2020-10-26 | CVE-2020-7124 | Unspecified vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 9.8 |