Skip to main content

Aruba

343 CVEs vendor

Monthly

CVE-2023-22749 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-22748 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2023-22747 CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-44533 HIGH This Week

A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Aruba Code Injection Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-44532 MEDIUM This Month

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-43542 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Aruba Code Injection Edgeconnect Enterprise
NVD
CVSS 3.1
8.8
EPSS
1.2%
CVE-2022-43541 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Aruba Code Injection Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2022-43518 MEDIUM This Month

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-37926 MEDIUM This Month

A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba XSS Edgeconnect Enterprise
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-37925 MEDIUM This Month

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba XSS Edgeconnect Enterprise
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-37924 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.5%
CVE-2022-37923 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-37922 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-37921 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-37920 HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-37919 HIGH This Week

A vulnerability exists in the API of Aruba EdgeConnect Enterprise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-37909 MEDIUM This Month

Aruba has identified certain configurations of ArubaOS that can lead to sensitive information disclosure from the configured ESSIDs. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Aruba Sd Wan Arubaos
NVD
CVSS 3.1
5.3
EPSS
0.3%
CVE-2022-37897 CRITICAL Act Now

There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Aruba Sd Wan Arubaos
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2022-37918 HIGH This Week

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Airwave
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-37917 HIGH This Week

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Airwave
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-37916 HIGH This Week

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Airwave
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-37915 CRITICAL Act Now

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Command Injection Aruba Edgeconnect Enterprise Orchestrator
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-37914 CRITICAL Act Now

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aruba Edgeconnect Enterprise Orchestrator
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37913 CRITICAL Act Now

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aruba Edgeconnect Enterprise Orchestrator
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37896 MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba XSS Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-37895 MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
4.9
EPSS
0.7%
CVE-2022-37894 MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
6.5
EPSS
0.4%
CVE-2022-37893 HIGH This Week

An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-37892 MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba XSS Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-37891 CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37890 CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos Instant Scalance W1750D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-37889 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-37887 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-37886 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37885 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-37888 CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow Arubaos Instant +1
NVD
CVSS 3.1
9.8
EPSS
1.5%
CVE-2022-23696 HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-23695 HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-23694 HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-23693 HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-23692 HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-23685 HIGH This Week

A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-37884 HIGH This Week

A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Denial Of Service Clearpass Policy Manager
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-37883 HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-37882 HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-37881 HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-37880 HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-37879 HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-37878 HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-37877 HIGH This Week

A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Apple RCE Clearpass Policy Manager
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-23691 MEDIUM This Month

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aos Cx
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-23690 MEDIUM This Month

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-23689 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23688 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23687 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23686 MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
CVSS 3.1
4.3
EPSS
0.3%
CVE-2022-23684 HIGH This Week

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Privilege Escalation Aos Cx
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-23683 HIGH This Week

Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2022-23682 HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-23681 HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-23680 HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-23679 HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-23678 MEDIUM This Month

A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Information Disclosure Aruba Aruba Virtual Intranet Access
NVD
CVSS 3.1
5.9
EPSS
0.8%
CVE-2022-23674 MEDIUM This Month

A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Aruba Clearpass Policy Manager
NVD
CVSS 3.1
5.4
EPSS
0.5%
CVE-2022-23675 MEDIUM This Month

A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Aruba Clearpass Policy Manager
NVD
CVSS 3.1
4.8
EPSS
0.5%
CVE-2022-23673 HIGH This Week

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2022-23672 HIGH This Week

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.1%
CVE-2022-23671 HIGH This Week

A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Clearpass Policy Manager
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-23669 HIGH This Week

A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-23670 MEDIUM This Month

A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Information Disclosure Clearpass Policy Manager
NVD
CVSS 3.1
6.5
EPSS
1.0%
CVE-2022-23668 MEDIUM This Month

A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Aruba Clearpass Policy Manager
NVD
CVSS 3.1
4.9
EPSS
0.9%
CVE-2022-23667 HIGH This Week

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
1.4%
CVE-2022-23666 CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.1
EPSS
2.1%
CVE-2022-23665 CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.1
EPSS
2.1%
CVE-2022-23664 CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.1
EPSS
2.1%
CVE-2022-23663 CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.1
EPSS
2.1%
CVE-2022-23662 CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.1
EPSS
2.1%
CVE-2022-23661 CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.1
EPSS
2.1%
CVE-2022-23660 CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
CVSS 3.1
10.0
EPSS
2.7%
CVE-2022-23659 MEDIUM This Month

A remote reflected cross site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Aruba Clearpass Policy Manager
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-23658 CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
CVSS 3.1
10.0
EPSS
2.7%
CVE-2022-23657 CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
CVSS 3.1
10.0
EPSS
3.0%
CVE-2022-23677 HIGH This Week

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions;. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption RCE Buffer Overflow Aruba 5406R Firmware +10
NVD
CVSS 3.1
8.1
EPSS
19.5%
CVE-2022-23676 CRITICAL Act Now

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions;. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Aruba 5406R Firmware +10
NVD
CVSS 3.1
9.8
EPSS
21.9%
CVE-2021-40998 HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
7.2
EPSS
2.8%
CVE-2021-40997 CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-40996 CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-40995 MEDIUM This Month

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
6.3
EPSS
1.1%
CVE-2021-40994 MEDIUM This Month

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
CVSS 3.1
6.3
EPSS
1.1%
CVE-2021-40993 HIGH This Week

A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Aruba Clearpass Policy Manager
NVD
CVSS 3.1
8.1
EPSS
1.1%
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are multiple command injection vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks access point. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Aruba Command Injection +2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Aruba Code Injection +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Aruba Edgeconnect Enterprise
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Aruba Code Injection +1
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Aruba Code Injection +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Aruba Edgeconnect Enterprise
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba XSS Edgeconnect Enterprise
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba XSS Edgeconnect Enterprise
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Edgeconnect Enterprise
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability exists in the API of Aruba EdgeConnect Enterprise. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Aruba Edgeconnect Enterprise
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

Aruba has identified certain configurations of ArubaOS that can lead to sensitive information disclosure from the configured ESSIDs. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Aruba Sd Wan +1
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Aruba +2
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Airwave
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Airwave
NVD
EPSS 1% CVSS 8.1
HIGH This Week

Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Airwave
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Command Injection Aruba Edgeconnect Enterprise Orchestrator
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aruba Edgeconnect Enterprise Orchestrator
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aruba Edgeconnect Enterprise Orchestrator
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba XSS Arubaos +2
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos +2
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

An unauthenticated Denial of Service (DoS) vulnerability exists in the handling of certain SSID strings by Aruba InstantOS and ArubaOS 10. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Denial Of Service Arubaos +2
NVD
EPSS 1% CVSS 7.8
HIGH This Week

An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10 command line interface. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Arubaos +2
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A vulnerability in the Aruba InstantOS and ArubaOS 10 web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba XSS Arubaos +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos +2
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Buffer Overflow Arubaos +2
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba RCE Buffer Overflow +3
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Vulnerabilities in the web-based management interface of ClearPass Policy Manager could allow an authenticated remote attacker to conduct SQL injection attacks against the ClearPass Policy Manager. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba SQLi Clearpass Policy Manager
NVD
EPSS 0% CVSS 8.8
HIGH This Week

A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A vulnerability exists in the ClearPass Policy Manager Guest User Interface that can allow an unauthenticated attacker to send specific operations which result in a Denial-of-Service condition. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Denial Of Service Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Clearpass Policy Manager
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A vulnerability in the ClearPass OnGuard macOS agent could allow malicious users on a macOS instance to elevate their user privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Apple RCE +1
NVD
EPSS 0% CVSS 6.8
MEDIUM This Month

A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Authentication Bypass Aos Cx
NVD
EPSS 1% CVSS 5.3
MEDIUM This Month

A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated attacker to fingerprint the exact version AOS-CX running on the switch. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Aos Cx
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Privilege Escalation Aos Cx
NVD
EPSS 2% CVSS 7.2
HIGH This Week

Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
EPSS 1% CVSS 7.8
HIGH This Week

Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Aruba Command Injection Aos Cx
NVD
EPSS 0% CVSS 8.8
HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
EPSS 0% CVSS 8.8
HIGH This Week

AOS-CX lacks Anti-CSRF protections in place for state-changing operations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba CSRF Aos Cx
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

A vulnerability in the Aruba Virtual Intranet Access (VIA) client for Microsoft Windows operating system client communications that could allow for an attacker in a privileged network position to. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft Information Disclosure Aruba +1
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 4.8
MEDIUM This Month

A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 7.2
HIGH This Week

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.5
HIGH This Week

A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Aruba Information Disclosure Clearpass Policy Manager
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A remote authorization bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Aruba Information Disclosure Clearpass Policy Manager
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

A remote authenticated server-side request forgery (ssrf) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SSRF Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 7.2
HIGH This Week

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

A remote reflected cross site scripting (xss) vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Aruba Clearpass Policy Manager
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
EPSS 3% CVSS 10.0
CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
EPSS 20% CVSS 8.1
HIGH This Week

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions;. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption RCE Buffer Overflow +12
NVD
EPSS 22% CVSS 9.8
CRITICAL Act Now

A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions;. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow +12
NVD
EPSS 3% CVSS 7.2
HIGH This Week

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

A remote authentication bypass vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Aruba Clearpass Policy Manager
NVD
EPSS 1% CVSS 8.1
HIGH This Week

A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 - - ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Aruba Clearpass Policy Manager
NVD
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy