Skip to main content

Aos Cx

12 CVEs product

Monthly

CVE-2022-23691 MEDIUM This Month

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aos Cx
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-23690 MEDIUM This Month

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-23689 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23688 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23687 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23686 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23684 HIGH This Week

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Privilege Escalation Aos Cx
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-23683 HIGH This Week

Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2022-23682 HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-23681 HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-23680 HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-23679 HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
CVSS 3.1
8.8
EPSS
0.4%
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aos Cx
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Privilege Escalation Aos Cx
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
EPSS 0% CVSS 8.8
HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
EPSS 0% CVSS 8.8
HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy