← Back

Arubanetworks

arubanetworks

578 CVEs • 213 products

Products (213)

Click to collapse
Toggle
Arubaos
arubaos
227 CVEs
Clearpass Policy Manager
clearpass_policy_manager
136 CVEs
Sd Wan
sd-wan
88 CVEs
Clearpass
clearpass
36 CVEs
Airwave
airwave
36 CVEs
Instant
instant
33 CVEs
Edgeconnect Sd Wan Orchestrator
edgeconnect_sd-wan_orchestrator
29 CVEs
Edgeconnect Enterprise
edgeconnect_enterprise
25 CVEs
Aruba Edgeconnect Enterprise Orchestrator
aruba_edgeconnect_enterprise_orchestrator
16 CVEs
Aruba Instant
aruba_instant
12 CVEs
Airwave Glass
airwave_glass
12 CVEs
Aos Cx
aos-cx
12 CVEs
2920 Firmware
2920_firmware
5 CVEs
2540 Firmware
2540_firmware
5 CVEs
Fabric Composer
fabric_composer
5 CVEs
Aruba Mobility Controller
aruba_mobility__controller
4 CVEs
2530 Firmware
2530_firmware
4 CVEs
5400r Firmware
5400r_firmware
3 CVEs
3810 Firmware
3810_firmware
3 CVEs
2930 Firmware
2930_firmware
3 CVEs
Aos Cx Firmware
aos-cx_firmware
3 CVEs
Cx 6200f Firmware
cx_6200f_firmware
2 CVEs
Cx 6300 Firmware
cx_6300_firmware
2 CVEs
Cx 6400 Firmware
cx_6400_firmware
2 CVEs
Cx 8320 Firmware
cx_8320_firmware
2 CVEs
Cx 8325 Firmware
cx_8325_firmware
2 CVEs
Cx 8400 Firmware
cx_8400_firmware
2 CVEs
5406r Firmware
5406r_firmware
2 CVEs
3810m Firmware
3810m_firmware
2 CVEs
2930f Firmware
2930f_firmware
2 CVEs
2930m Firmware
2930m_firmware
2 CVEs
5412r Firmware
5412r_firmware
2 CVEs
2615 Firmware
2615_firmware
2 CVEs
2620 Firmware
2620_firmware
2 CVEs
2915 Firmware
2915_firmware
2 CVEs
Clearpass Guest
clearpass_guest
1 CVE
Instant Access Point Firmware
instant_access_point_firmware
1 CVE
Web Management Portal
web_management_portal
1 CVE
203rp Firmware
203rp_firmware
1 CVE
203r Firmware
203r_firmware
1 CVE
Ap 300 Series Access Points Firmware
ap-300_series_access_points_firmware
1 CVE
Ap 300 Series Instant Access Points Firmware
ap-300_series_instant_access_points_firmware
1 CVE
2530 With Gigt Port Firmware
2530_with_gigt_port_firmware
1 CVE
2530 10/100 Port Firmware
2530_10/100_port_firmware
1 CVE
Analytics And Location Engine
analytics_and_location_engine
1 CVE
Aruba 5406r Zl2 Firmware
aruba_5406r_zl2_firmware
1 CVE
Aruba 5412r Zl2 Firmware
aruba_5412r_zl2_firmware
1 CVE
Aruba 3810m Firmware
aruba_3810m_firmware
1 CVE
Aruba 2930m Firmware
aruba_2930m_firmware
1 CVE
Aruba 2930f Firmware
aruba_2930f_firmware
1 CVE
Aruba 2920 Firmware
aruba_2920_firmware
1 CVE
Aruba 2540 Firmware
aruba_2540_firmware
1 CVE
Aruba 2530ya Firmware
aruba_2530ya_firmware
1 CVE
Aruba 3800 Firmware
aruba_3800_firmware
1 CVE
Aruba 2620 Firmware
aruba_2620_firmware
1 CVE
Aruba 2530yb Firmware
aruba_2530yb_firmware
1 CVE
Instant Access Point
instant_access_point
0 CVEs
203rp
0 CVEs
203r
0 CVEs
Ap 300 Series Access Points
ap-300_series_access_points
0 CVEs
Ap 300 Series Instant Access Points
ap-300_series_instant_access_points
0 CVEs
5400r
0 CVEs
3810
0 CVEs
2920
0 CVEs
2930
0 CVEs
2530 With Gigt Port
2530_with_gigt_port
0 CVEs
2530 10/100 Port
2530_10/100_port
0 CVEs
2540
0 CVEs
Vx 500
vx-500
0 CVEs
Vx 1000
vx-1000
0 CVEs
Vx 2000
vx-2000
0 CVEs
Vx 3000
vx-3000
0 CVEs
Vx 5000
vx-5000
0 CVEs
Vx 6000
vx-6000
0 CVEs
Vx 7000
vx-7000
0 CVEs
Vx 9000
vx-9000
0 CVEs
Vx 8000
vx-8000
0 CVEs
Nx 700
nx-700
0 CVEs
Nx 1000
nx-1000
0 CVEs
Nx 2000
nx-2000
0 CVEs
Nx 3000
nx-3000
0 CVEs
Nx 5000
nx-5000
0 CVEs
Nx 6000
nx-6000
0 CVEs
Nx 7000
nx-7000
0 CVEs
Nx 8000
nx-8000
0 CVEs
Nx 9000
nx-9000
0 CVEs
Nx 10k
nx-10k
0 CVEs
Nx 11k
nx-11k
0 CVEs
2530
0 CVEs
Cx 6200f
cx_6200f
0 CVEs
Cx 6300
cx_6300
0 CVEs
Cx 6400
cx_6400
0 CVEs
Cx 8320
cx_8320
0 CVEs
Cx 8325
cx_8325
0 CVEs
Cx 8400
cx_8400
0 CVEs
7005
0 CVEs
7008
0 CVEs
7010
0 CVEs
7024
0 CVEs
7030
0 CVEs

CVEs (578)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-37421
1Arubanetworks
1Edgeconnect Sd Wan Orchestrator
Nov 21, 2024
Aug 22, 2023
N/A· v4
5.4 MEDIUM· v3
N/A· v2
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user o...Show more
Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.Show less
CVE-2023-35982
2Arubanetworks
Hp
2Arubaos
Instantos
Nov 21, 2024
Jul 25, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-35981
2Arubanetworks
Hp
2Arubaos
Instantos
Nov 21, 2024
Jul 25, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-35980
2Arubanetworks
Hp
2Arubaos
Instantos
Nov 21, 2024
Jul 25, 2023
N/A· v4
9.8 CRITICAL· v3
N/A· v2
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point managemen...Show more
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system.Show less
CVE-2023-35979
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) conditio...Show more
There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller.Show less
CVE-2023-35978
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface. A successful exploit could allow an...Show more
A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.Show less
CVE-2023-35977
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users...Show more
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.Show less
CVE-2023-35976
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users...Show more
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.Show less
CVE-2023-35975
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
8.1 HIGH· v3
N/A· v2
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating syste...Show more
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.Show less
CVE-2023-35974
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on th...Show more
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.Show less
CVE-2023-35973
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on th...Show more
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.Show less
CVE-2023-35972
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
7.2 HIGH· v3
N/A· v2
An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privil...Show more
An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.Show less
CVE-2023-35971
1Arubanetworks
1Arubaos
Nov 21, 2024
Jul 5, 2023
N/A· v4
6.1 MEDIUM· v3
N/A· v2
A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit cou...Show more
A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.Show less
CVE-2023-30510
1Arubanetworks
1Edgeconnect Enterprise
Nov 21, 2024
May 16, 2023
N/A· v4
4.3 MEDIUM· v3
N/A· v2
A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of thi...Show more
A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance.Show less
CVE-2023-30509
1Arubanetworks
1Edgeconnect Enterprise
Jan 22, 2025
May 16, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on th...Show more
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.Show less
CVE-2023-30508
1Arubanetworks
1Edgeconnect Enterprise
Jan 22, 2025
May 16, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on th...Show more
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.Show less
CVE-2023-30507
1Arubanetworks
1Edgeconnect Enterprise
Jan 31, 2025
May 16, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on th...Show more
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.Show less
CVE-2023-30506
1Arubanetworks
1Edgeconnect Enterprise
Jan 31, 2025
May 16, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities re...Show more
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.Show less
CVE-2023-30505
1Arubanetworks
1Edgeconnect Enterprise
Nov 21, 2024
May 16, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities re...Show more
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.Show less
CVE-2023-30504
1Arubanetworks
1Edgeconnect Enterprise
Nov 21, 2024
May 16, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities re...Show more
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.Show less