High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-08-22	CVE-2023-37431	SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator 9.3.0 Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. network low complexity arubanetworks CWE-89	8.1
2023-08-22	CVE-2023-37432	SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator 9.3.0 Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. network low complexity arubanetworks CWE-89	8.1
2023-08-22	CVE-2023-37433	SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator 9.3.0 Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. network low complexity arubanetworks CWE-89	8.1
2023-08-22	CVE-2023-37434	SQL Injection vulnerability in Arubanetworks Edgeconnect Sd-Wan Orchestrator 9.3.0 Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. network low complexity arubanetworks CWE-89	8.1
2023-07-05	CVE-2023-35972	Command Injection vulnerability in Arubanetworks Arubaos An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. network low complexity arubanetworks CWE-77	7.2
2023-07-05	CVE-2023-35973	Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. network low complexity arubanetworks CWE-77	7.2
2023-07-05	CVE-2023-35974	Command Injection vulnerability in Arubanetworks Arubaos Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. network low complexity arubanetworks CWE-77	7.2
2023-07-05	CVE-2023-35975	Path Traversal vulnerability in Arubanetworks Arubaos An authenticated path traversal vulnerability exists in the ArubaOS command line interface. network low complexity arubanetworks CWE-22	8.1
2023-07-05	CVE-2023-35979	Classic Buffer Overflow vulnerability in Arubanetworks Arubaos There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. network low complexity arubanetworks CWE-120	7.5
2023-05-16	CVE-2023-30501	Unspecified vulnerability in Arubanetworks Edgeconnect Enterprise Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. network low complexity arubanetworks	8.8