Skip to main content

Arubaos Switch

3 CVEs product

Monthly

CVE-2023-39268 CRITICAL Act Now

A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Arubaos Switch
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2023-39267 MEDIUM This Month

An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Arubaos Switch
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-39266 MEDIUM This Month

A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arubaos Switch
NVD
CVSS 3.1
6.1
EPSS
0.4%
EPSS 1% CVSS 9.8
CRITICAL Act Now

A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE +1
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Arubaos Switch
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Arubaos Switch
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy