Vulnerabilities > Arubanetworks

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-07	CVE-2018-7067	Improper Authentication vulnerability in Arubanetworks Clearpass Policy Manager A Remote Authentication bypass in Aruba ClearPass Policy Manager leads to complete cluster compromise. network low complexity arubanetworks CWE-287	7.2
2018-12-07	CVE-2018-7066	Unspecified vulnerability in Arubanetworks Clearpass Policy Manager An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. network high complexity arubanetworks critical	9.0
2018-12-07	CVE-2018-7065	SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. network low complexity arubanetworks CWE-89	7.2
2018-12-07	CVE-2018-7063	XXE vulnerability in Arubanetworks Clearpass Policy Manager In Aruba ClearPass, disabled API admins can still perform read/write operations. network high complexity arubanetworks CWE-611	8.1
2018-08-06	CVE-2018-7060	Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. network low complexity arubanetworks CWE-352	8.8
2018-03-09	CVE-2014-2592	Unrestricted Upload of File with Dangerous Type vulnerability in Arubanetworks web Management Portal 6.3.0.60730 Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension. network low complexity arubanetworks CWE-434 critical	9.8
2018-02-27	CVE-2018-0489	Improper Verification of Cryptographic Signature vulnerability in multiple products Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. network low complexity shibboleth debian arubanetworks CWE-347	6.5
2018-01-08	CVE-2014-2071	Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner and outer identities within a tunneled EAP method. high complexity arubanetworks CWE-264	7.1
2017-12-13	CVE-2017-13099	Information Exposure Through Discrepancy vulnerability in multiple products wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. network high complexity wolfssl siemens arubanetworks CWE-203	5.9
2017-10-16	CVE-2015-4650	Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Clearpass Policy Manager Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execute arbitrary code with root privileges via unspecified vectors. network low complexity arubanetworks CWE-264 critical	9.8

Vulnerabilities > Arubanetworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Arubanetworks"}]}

Vulnerabilities > Arubanetworks