Vulnerabilities > Arubanetworks > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-10-07 CVE-2022-37890 Classic Buffer Overflow vulnerability in multiple products
Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.
network
low complexity
arubanetworks siemens CWE-120
critical
 9.8
9.8
2022-10-07 CVE-2022-37891 Classic Buffer Overflow vulnerability in multiple products
Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface.
network
low complexity
arubanetworks siemens CWE-120
critical
 9.8
9.8
2022-10-06 CVE-2022-37888 Classic Buffer Overflow vulnerability in multiple products
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211).
network
low complexity
arubanetworks siemens CWE-120
critical
 9.8
9.8
2022-05-16 CVE-2022-23657 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
critical
 10.0
10
2022-05-16 CVE-2022-23658 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
critical
 10.0
10
2022-05-16 CVE-2022-23660 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
critical
 10.0
10
2022-05-16 CVE-2022-23661 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23662 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23663 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1
2022-05-16 CVE-2022-23664 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
critical
 9.1
9.1