Vulnerabilities > Arubanetworks

DATE	CVE	VULNERABILITY TITLE	RISK
2017-08-29	CVE-2015-3655	Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token. network low complexity arubanetworks CWE-352	8.8
2017-08-29	CVE-2015-3654	Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649. network low complexity arubanetworks CWE-284	7.2
2017-08-29	CVE-2015-3653	Improper Access Control vulnerability in Arubanetworks Clearpass Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking. network low complexity arubanetworks CWE-284	7.2
2017-06-08	CVE-2016-2034	SQL Injection vulnerability in Arubanetworks Clearpass SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. network low complexity arubanetworks CWE-89 critical	9.8
2017-03-11	CVE-2017-5638	Improper Handling of Exceptional Conditions vulnerability in multiple products The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. network low complexity apache ibm lenovo hp oracle arubanetworks netapp CWE-755 critical	9.8

Vulnerabilities > Arubanetworks {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Arubanetworks"}]}

Vulnerabilities > Arubanetworks