Vulnerabilities > Arubanetworks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-04 | CVE-2025-25039 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy Manager (CPPM) allows remote authenticated users to run arbitrary commands on the underlying host. | 8.8 |
| 2025-02-04 | CVE-2025-23058 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with read/write privileges. | 8.1 |
| 2025-02-04 | CVE-2025-23060 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in HPE Aruba Networking ClearPass Policy Manager may, under certain circumstances, expose sensitive unencrypted information. | 8.1 |
| 2024-12-03 | CVE-2024-51772 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. | 8.0 |
| 2024-12-03 | CVE-2024-51771 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management interface could allow an authenticated remote threat actor to conduct a remote code execution attack. | 8.8 |
| 2024-07-30 | CVE-2024-41915 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager instance. | 8.8 |
| 2024-07-24 | CVE-2024-41136 | OS Command Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateways Command Line Interface. | 8.8 |
| 2024-07-24 | CVE-2024-22443 | Unspecified vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a server-side prototype pollution attack. | 8.8 |
| 2024-02-27 | CVE-2024-26294 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 8.8 |
| 2024-02-27 | CVE-2024-26295 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. | 8.8 |