Vulnerabilities > Arubanetworks > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-01 CVE-2023-22773 Path Traversal vulnerability in Arubanetworks Arubaos and Sd-Wan
Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-22
6.5
6.5
2023-03-01 CVE-2023-22774 Path Traversal vulnerability in Arubanetworks Arubaos and Sd-Wan
Authenticated path traversal vulnerabilities exist in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-22
6.5
6.5
2023-03-01 CVE-2023-22775 Exposure of Resource to Wrong Sphere vulnerability in Arubanetworks Arubaos and Sd-Wan
A vulnerability exists which allows an authenticated attacker to access sensitive information on the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-668
6.5
6.5
2023-03-01 CVE-2023-22776 Path Traversal vulnerability in Arubanetworks Arubaos and Sd-Wan
An authenticated path traversal vulnerability exists in the ArubaOS command line interface.
network
low complexity
arubanetworks CWE-22
4.9
4.9
2023-03-01 CVE-2023-22777 Exposure of Resource to Wrong Sphere vulnerability in Arubanetworks Arubaos and Sd-Wan
An authenticated information disclosure vulnerability exists in the ArubaOS web-based management interface.
network
low complexity
arubanetworks CWE-668
6.5
6.5
2023-03-01 CVE-2023-22778 Cross-site Scripting vulnerability in Arubanetworks Arubaos and Sd-Wan
A vulnerability in the ArubaOS web management interface could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
4.8
4.8
2023-01-05 CVE-2022-43524 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface.
network
low complexity
arubanetworks CWE-79
5.4
5.4
2023-01-05 CVE-2022-43525 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
6.1
2023-01-05 CVE-2022-43526 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
6.1
2023-01-05 CVE-2022-43527 Cross-site Scripting vulnerability in Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface.
network
low complexity
arubanetworks CWE-79
6.1
6.1