Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2019-05-10 CVE-2018-7083 Information Exposure vulnerability in multiple products
If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed.
network
low complexity
arubanetworks siemens CWE-200
5.0
5.0
2019-05-10 CVE-2018-7082 OS Command Injection vulnerability in multiple products
A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system.
network
low complexity
arubanetworks siemens CWE-78
7.2
7.2
2018-12-07 CVE-2018-7080 Unspecified vulnerability in Arubanetworks products
A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. 		5.4
5.4
2018-12-07 CVE-2018-7079 Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager
Aruba ClearPass Policy Manager guest authorization failure.
network
low complexity
arubanetworks CWE-863
6.5
6.5
2018-12-07 CVE-2018-7067 Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager
A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise.
network
low complexity
arubanetworks CWE-287
6.5
6.5
2018-12-07 CVE-2018-7066 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices.
network
arubanetworks
critical
 9.3
9.3
2018-12-07 CVE-2018-7065 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2018-12-07 CVE-2018-7063 XXE vulnerability in Arubanetworks Clearpass Policy Manager
In Aruba ClearPass, disabled API admins can still perform read/write operations. 		6.8
6.8
2018-08-06 CVE-2018-7060 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass
Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. 		6.8
6.8
2018-03-09 CVE-2014-2592 Unrestricted Upload of File with Dangerous Type vulnerability in Arubanetworks web Management Portal 6.3.0.60730
Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension.
network
low complexity
arubanetworks CWE-434
7.5
7.5