Vulnerabilities > Arubanetworks > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-06 CVE-2022-23682 OS Command Injection vulnerability in Arubanetworks Aos-Cx
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection.
local
low complexity
arubanetworks CWE-78
7.8
2022-09-06 CVE-2022-23683 OS Command Injection vulnerability in Arubanetworks Aos-Cx
Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts.
network
low complexity
arubanetworks CWE-78
7.2
2022-09-06 CVE-2022-23684 Unspecified vulnerability in Arubanetworks Aos-Cx
A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user.
network
low complexity
arubanetworks
8.8
2022-05-17 CVE-2022-23669 Insufficient Session Expiration vulnerability in Arubanetworks Clearpass Policy Manager
A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-613
8.8
2022-05-17 CVE-2022-23671 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks
7.5
2022-05-17 CVE-2022-23672 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
7.2
2022-05-17 CVE-2022-23673 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
7.2
2022-05-16 CVE-2022-23667 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below.
network
low complexity
arubanetworks CWE-78
7.2
2022-05-10 CVE-2022-23677 Out-of-bounds Write vulnerability in Arubanetworks products
A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below.
network
high complexity
arubanetworks CWE-787
8.1
2021-10-15 CVE-2021-40991 Unspecified vulnerability in Arubanetworks Clearpass Policy Manager
A remote disclosure of sensitive information vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 - - ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1.
network
low complexity
arubanetworks
7.2