Vulnerabilities > Arubanetworks > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-20 CVE-2022-37878 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks CWE-78
7.2
2022-09-20 CVE-2022-37879 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks
7.2
2022-09-20 CVE-2022-37880 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks
7.2
2022-09-20 CVE-2022-37881 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks
7.2
2022-09-20 CVE-2022-37882 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks
7.2
2022-09-20 CVE-2022-37883 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host.
network
low complexity
arubanetworks
7.2
2022-09-20 CVE-2022-37884 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition.
network
low complexity
arubanetworks
7.5
2022-09-06 CVE-2022-23679 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx
AOS-CX lacks Anti-CSRF protections in place for state-changing operations.
network
low complexity
arubanetworks CWE-352
8.8
2022-09-06 CVE-2022-23680 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx
AOS-CX lacks Anti-CSRF protections in place for state-changing operations.
network
low complexity
arubanetworks CWE-352
8.8
2022-09-06 CVE-2022-23681 OS Command Injection vulnerability in Arubanetworks Aos-Cx
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection.
local
low complexity
arubanetworks CWE-78
7.8