Vulnerabilities > HPE > Arubaos Switch > 16.11.0004

DATE CVE VULNERABILITY TITLE RISK
2023-08-29 CVE-2023-39266 Cross-site Scripting vulnerability in HPE Arubaos-Switch
A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present.
network
low complexity
hpe CWE-79
6.1
6.1
2023-08-29 CVE-2023-39267 Unspecified vulnerability in HPE Arubaos-Switch
An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch.
network
low complexity
hpe
6.5
6.5
2023-08-29 CVE-2023-39268 Out-of-bounds Write vulnerability in HPE Arubaos-Switch
A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets.
network
low complexity
hpe CWE-787
critical
 9.8
9.8