Vulnerabilities > Arubanetworks

DATE	CVE	VULNERABILITY TITLE	RISK
2020-04-16	CVE-2020-7114	Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. network low complexity arubanetworks CWE-306 critical	9.8
2020-04-16	CVE-2020-7113	Unspecified vulnerability in Arubanetworks Clearpass A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. network low complexity arubanetworks	4.9
2020-04-16	CVE-2020-7111	Injection vulnerability in Arubanetworks Clearpass A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. network low complexity arubanetworks CWE-74	7.2
2020-04-16	CVE-2020-7110	Cross-site Scripting vulnerability in Arubanetworks Clearpass ClearPass is vulnerable to Stored Cross Site Scripting by allowing a malicious administrator, or a compromised administrator account, to save malicious scripts within ClearPass that could be executed resulting in a privilege escalation attack. network low complexity arubanetworks CWE-79	4.8
2020-02-27	CVE-2019-5326	Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. network low complexity arubanetworks CWE-502	7.2
2020-02-27	CVE-2019-5323	Command Injection vulnerability in Arubanetworks Airwave There are command injection vulnerabilities present in the AirWave application. network low complexity arubanetworks CWE-77	7.2
2020-02-13	CVE-2019-5322	Unspecified vulnerability in Arubanetworks products A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. network low complexity arubanetworks	7.5
2020-01-31	CVE-2016-2032	Improper Authentication vulnerability in Arubanetworks Aruba Instant and Arubaos A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. network low complexity arubanetworks CWE-287	7.5
2020-01-31	CVE-2016-2031	Improper Input Validation vulnerability in multiple products Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. network low complexity arubanetworks siemens CWE-20 critical	9.8
2019-11-06	CVE-2016-4401	Insufficiently Protected Credentials vulnerability in Arubanetworks Clearpass Aruba ClearPass Policy Manager before 6.5.7 and 6.6.x before 6.6.2 allows attackers to obtain database credentials. network low complexity arubanetworks CWE-522 critical	9.8

Vulnerabilities > Arubanetworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Arubanetworks"}]}

Vulnerabilities > Arubanetworks