← Back

Arubanetworks

arubanetworks

578 CVEs • 213 products

Products (213)

Click to collapse
Toggle
Arubaos
arubaos
227 CVEs
Clearpass Policy Manager
clearpass_policy_manager
136 CVEs
Sd Wan
sd-wan
88 CVEs
Clearpass
clearpass
36 CVEs
Airwave
airwave
36 CVEs
Instant
instant
33 CVEs
Edgeconnect Sd Wan Orchestrator
edgeconnect_sd-wan_orchestrator
29 CVEs
Edgeconnect Enterprise
edgeconnect_enterprise
25 CVEs
Aruba Edgeconnect Enterprise Orchestrator
aruba_edgeconnect_enterprise_orchestrator
16 CVEs
Aruba Instant
aruba_instant
12 CVEs
Airwave Glass
airwave_glass
12 CVEs
Aos Cx
aos-cx
12 CVEs
2920 Firmware
2920_firmware
5 CVEs
2540 Firmware
2540_firmware
5 CVEs
Fabric Composer
fabric_composer
5 CVEs
Aruba Mobility Controller
aruba_mobility__controller
4 CVEs
2530 Firmware
2530_firmware
4 CVEs
5400r Firmware
5400r_firmware
3 CVEs
3810 Firmware
3810_firmware
3 CVEs
2930 Firmware
2930_firmware
3 CVEs
Aos Cx Firmware
aos-cx_firmware
3 CVEs
Cx 6200f Firmware
cx_6200f_firmware
2 CVEs
Cx 6300 Firmware
cx_6300_firmware
2 CVEs
Cx 6400 Firmware
cx_6400_firmware
2 CVEs
Cx 8320 Firmware
cx_8320_firmware
2 CVEs
Cx 8325 Firmware
cx_8325_firmware
2 CVEs
Cx 8400 Firmware
cx_8400_firmware
2 CVEs
5406r Firmware
5406r_firmware
2 CVEs
3810m Firmware
3810m_firmware
2 CVEs
2930f Firmware
2930f_firmware
2 CVEs
2930m Firmware
2930m_firmware
2 CVEs
5412r Firmware
5412r_firmware
2 CVEs
2615 Firmware
2615_firmware
2 CVEs
2620 Firmware
2620_firmware
2 CVEs
2915 Firmware
2915_firmware
2 CVEs
Clearpass Guest
clearpass_guest
1 CVE
Instant Access Point Firmware
instant_access_point_firmware
1 CVE
Web Management Portal
web_management_portal
1 CVE
203rp Firmware
203rp_firmware
1 CVE
203r Firmware
203r_firmware
1 CVE
Ap 300 Series Access Points Firmware
ap-300_series_access_points_firmware
1 CVE
Ap 300 Series Instant Access Points Firmware
ap-300_series_instant_access_points_firmware
1 CVE
2530 With Gigt Port Firmware
2530_with_gigt_port_firmware
1 CVE
2530 10/100 Port Firmware
2530_10/100_port_firmware
1 CVE
Analytics And Location Engine
analytics_and_location_engine
1 CVE
Aruba 5406r Zl2 Firmware
aruba_5406r_zl2_firmware
1 CVE
Aruba 5412r Zl2 Firmware
aruba_5412r_zl2_firmware
1 CVE
Aruba 3810m Firmware
aruba_3810m_firmware
1 CVE
Aruba 2930m Firmware
aruba_2930m_firmware
1 CVE
Aruba 2930f Firmware
aruba_2930f_firmware
1 CVE
Aruba 2920 Firmware
aruba_2920_firmware
1 CVE
Aruba 2540 Firmware
aruba_2540_firmware
1 CVE
Aruba 2530ya Firmware
aruba_2530ya_firmware
1 CVE
Aruba 3800 Firmware
aruba_3800_firmware
1 CVE
Aruba 2620 Firmware
aruba_2620_firmware
1 CVE
Aruba 2530yb Firmware
aruba_2530yb_firmware
1 CVE
Instant Access Point
instant_access_point
0 CVEs
203rp
0 CVEs
203r
0 CVEs
Ap 300 Series Access Points
ap-300_series_access_points
0 CVEs
Ap 300 Series Instant Access Points
ap-300_series_instant_access_points
0 CVEs
5400r
0 CVEs
3810
0 CVEs
2920
0 CVEs
2930
0 CVEs
2530 With Gigt Port
2530_with_gigt_port
0 CVEs
2530 10/100 Port
2530_10/100_port
0 CVEs
2540
0 CVEs
Vx 500
vx-500
0 CVEs
Vx 1000
vx-1000
0 CVEs
Vx 2000
vx-2000
0 CVEs
Vx 3000
vx-3000
0 CVEs
Vx 5000
vx-5000
0 CVEs
Vx 6000
vx-6000
0 CVEs
Vx 7000
vx-7000
0 CVEs
Vx 9000
vx-9000
0 CVEs
Vx 8000
vx-8000
0 CVEs
Nx 700
nx-700
0 CVEs
Nx 1000
nx-1000
0 CVEs
Nx 2000
nx-2000
0 CVEs
Nx 3000
nx-3000
0 CVEs
Nx 5000
nx-5000
0 CVEs
Nx 6000
nx-6000
0 CVEs
Nx 7000
nx-7000
0 CVEs
Nx 8000
nx-8000
0 CVEs
Nx 9000
nx-9000
0 CVEs
Nx 10k
nx-10k
0 CVEs
Nx 11k
nx-11k
0 CVEs
2530
0 CVEs
Cx 6200f
cx_6200f
0 CVEs
Cx 6300
cx_6300
0 CVEs
Cx 6400
cx_6400
0 CVEs
Cx 8320
cx_8320
0 CVEs
Cx 8325
cx_8325
0 CVEs
Cx 8400
cx_8400
0 CVEs
7005
0 CVEs
7008
0 CVEs
7010
0 CVEs
7024
0 CVEs
7030
0 CVEs

CVEs (578)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-2201
2Arubanetworks
Hp
2Airwave
Airwave
Nov 21, 2024
Sep 5, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
CVE-2023-37440
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
5.3 MEDIUM· v3
N/A· v2
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. A successful exploit allows...Show more
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. A successful exploit allows an attacker to enumerate information about the internal     structure of the EdgeConnect SD-WAN Orchestrator host leading to potential disclosure of sensitive information. Show less
CVE-2023-37439
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37438
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37437
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37436
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37435
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37434
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37433
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37432
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37431
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37430
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37429
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator...Show more
Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to     obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host. Show less
CVE-2023-37428
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to ex...Show more
A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.Show less
CVE-2023-37427
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vuln...Show more
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability allows an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.Show less
CVE-2023-37426
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH...Show more
EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH host signature and thereby masquerade as a legitimate Orchestrator host.Show less
CVE-2023-37425
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user...Show more
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.Show less
CVE-2023-37424
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host if certain preconditions outside of...Show more
A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host if certain preconditions outside of the attacker's control are met. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.Show less
CVE-2023-37423
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user o...Show more
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.Show less
CVE-2023-37422
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user o...Show more
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.Show less