Vulnerabilities > Arubanetworks
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 5.0 |
2019-05-10 | CVE-2018-7082 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. | 7.2 |
2018-12-07 | CVE-2018-7080 | Unspecified vulnerability in Arubanetworks products A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. | 5.4 |
2018-12-07 | CVE-2018-7079 | Incorrect Authorization vulnerability in Arubanetworks Clearpass Policy Manager Aruba ClearPass Policy Manager guest authorization failure. | 6.5 |
2018-12-07 | CVE-2018-7067 | Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. | 6.5 |
2018-12-07 | CVE-2018-7066 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. | 9.3 |
2018-12-07 | CVE-2018-7065 | SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. | 6.5 |
2018-12-07 | CVE-2018-7063 | XXE vulnerability in Arubanetworks Clearpass Policy Manager In Aruba ClearPass, disabled API admins can still perform read/write operations. | 6.8 |
2018-08-06 | CVE-2018-7060 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. | 6.8 |
2018-03-09 | CVE-2014-2592 | Unrestricted Upload of File with Dangerous Type vulnerability in Arubanetworks web Management Portal 6.3.0.60730 Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 7.5 |