Vulnerabilities > Arubanetworks

DATE CVE VULNERABILITY TITLE RISK
2023-08-22 CVE-2023-37433 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.1
2023-08-22 CVE-2023-37434 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
8.1
2023-08-22 CVE-2023-37435 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
2023-08-22 CVE-2023-37436 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
2023-08-22 CVE-2023-37437 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
2023-08-22 CVE-2023-37438 SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-89
6.5
2023-08-22 CVE-2023-37439 Cross-site Scripting vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance.
network
low complexity
arubanetworks CWE-79
6.1
2023-08-22 CVE-2023-37440 Server-Side Request Forgery (SSRF) vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack.
network
low complexity
arubanetworks CWE-918
5.3
2023-07-25 CVE-2023-35980 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8
2023-07-25 CVE-2023-35981 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211).
network
low complexity
arubanetworks hp CWE-120
critical
9.8