High

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-06	CVE-2022-23682	OS Command Injection vulnerability in Arubanetworks Aos-Cx Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. local low complexity arubanetworks CWE-78	7.8
2022-09-06	CVE-2022-23683	OS Command Injection vulnerability in Arubanetworks Aos-Cx Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. network low complexity arubanetworks CWE-78	7.2
2022-09-06	CVE-2022-23684	Unspecified vulnerability in Arubanetworks Aos-Cx A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. network low complexity arubanetworks	8.8
2022-05-17	CVE-2022-23669	Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. network low complexity arubanetworks CWE-613	8.8
2022-05-17	CVE-2022-23671	Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. network low complexity arubanetworks	7.5
2022-05-17	CVE-2022-23672	OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. network low complexity arubanetworks CWE-78	7.2
2022-05-17	CVE-2022-23673	OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. network low complexity arubanetworks CWE-78	7.2
2022-05-16	CVE-2022-23667	OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. network low complexity arubanetworks CWE-78	7.2
2022-05-10	CVE-2022-23677	Out-of-bounds Write vulnerability in Arubanetworks products A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. network high complexity arubanetworks CWE-787	8.1
2021-10-15	CVE-2021-40991	Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. network low complexity arubanetworks	7.2