Vulnerabilities > Arubanetworks > High

DATE CVE VULNERABILITY TITLE RISK
2021-09-07 CVE-2021-37721 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37722 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37723 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37724 Command Injection vulnerability in multiple products
A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.16.
network
low complexity
arubanetworks siemens CWE-77
7.2
2021-09-07 CVE-2021-37725 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15.
network
low complexity
arubanetworks siemens CWE-352
8.1
2021-07-22 CVE-2021-29143 OS Command Injection vulnerability in Arubanetworks Aos-Cx Firmware
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001.
network
low complexity
arubanetworks CWE-78
7.2
2021-07-08 CVE-2021-34609 SQL Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9.
network
low complexity
arubanetworks CWE-89
8.8
2021-07-08 CVE-2021-34610 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9.
network
low complexity
arubanetworks CWE-78
7.2
2021-07-08 CVE-2021-34611 OS Command Injection vulnerability in Arubanetworks Clearpass Policy Manager
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9.
network
low complexity
arubanetworks CWE-78
7.2
2021-07-08 CVE-2021-29150 Deserialization of Untrusted Data vulnerability in Arubanetworks Clearpass Policy Manager
A remote insecure deserialization vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.10.0, 6.9.6 and 6.8.9.
network
low complexity
arubanetworks CWE-502
7.2