Vulnerabilities > Arubanetworks > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-03 | CVE-2020-7117 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. | 7.2 |
| 2020-06-03 | CVE-2020-7116 | Unspecified vulnerability in Arubanetworks Clearpass Policy Manager The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. | 7.2 |
| 2020-04-16 | CVE-2020-7111 | Injection vulnerability in Arubanetworks Clearpass A server side injection vulnerability exists which could allow an authenticated administrative user to achieve Remote Code Execution in ClearPass. | 7.2 |
| 2020-02-27 | CVE-2019-5326 | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. | 7.2 |
| 2020-02-27 | CVE-2019-5323 | Command Injection vulnerability in Arubanetworks Airwave There are command injection vulnerabilities present in the AirWave application. | 7.2 |
| 2020-02-13 | CVE-2019-5322 | Unspecified vulnerability in Arubanetworks products A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. | 7.5 |
| 2020-01-31 | CVE-2016-2032 | Improper Authentication vulnerability in Arubanetworks Aruba Instant and Arubaos A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. | 7.5 |
| 2019-10-30 | CVE-2018-16417 | Command Injection vulnerability in multiple products Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection. | 7.5 |
| 2019-09-13 | CVE-2019-5315 | OS Command Injection vulnerability in Arubanetworks Arubaos A command injection vulnerability is present in the web management interface of ArubaOS that permits an authenticated user to execute arbitrary commands on the underlying operating system. | 7.2 |
| 2019-05-10 | CVE-2018-7083 | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 7.5 |