Vulnerabilities > Arubanetworks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-30 | CVE-2021-25148 | A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. | 8.5 |
| 2021-02-23 | CVE-2021-26677 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager A local authenticated escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. | 7.2 |
| 2020-10-26 | CVE-2020-7127 | Unspecified vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 7.5 |
| 2020-10-26 | CVE-2020-7124 | Missing Authorization vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 7.5 |
| 2020-09-23 | CVE-2020-7122 | Out-of-bounds Write vulnerability in Arubanetworks products Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. | 7.5 |
| 2020-09-23 | CVE-2020-7121 | Out-of-bounds Write vulnerability in Arubanetworks products Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. | 7.5 |
| 2020-04-16 | CVE-2020-7114 | Missing Authentication for Critical Function vulnerability in Arubanetworks Clearpass A vulnerability exists allowing attackers, when present in the same network segment as ClearPass' management interface, to make changes to certain databases in ClearPass by crafting HTTP packets. | 7.5 |
| 2019-05-10 | CVE-2018-7082 | OS Command Injection vulnerability in multiple products A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. | 7.2 |
| 2018-03-09 | CVE-2014-2592 | Unrestricted Upload of File with Dangerous Type vulnerability in Arubanetworks web Management Portal 6.3.0.60730 Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | 7.5 |
| 2017-06-08 | CVE-2016-2034 | SQL Injection vulnerability in Arubanetworks Clearpass SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. | 7.5 |