Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arubanetworks aos-cx vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-23681
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an malicious user to execute arbitrary commands as root on the underlying operating system leading to complete switch compromis...
Arubanetworks Aos-cx
8.8
CVSSv3
CVE-2022-23679
AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an malicious user to execute commands in the context of another user in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.0...
Arubanetworks Aos-cx
8.8
CVSSv3
CVE-2022-23680
AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an malicious user to execute commands in the context of another user in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.0...
Arubanetworks Aos-cx
8.8
CVSSv3
CVE-2022-23684
A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an malicious user to escalate p...
Arubanetworks Aos-cx
7.2
CVSSv3
CVE-2022-23683
Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via NAE scripts. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system, leading to a...
Arubanetworks Aos-cx
4.3
CVSSv3
CVE-2022-23687
Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an malicious user to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-C...
Arubanetworks Aos-cx
4.3
CVSSv3
CVE-2022-23688
Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an malicious user to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-C...
Arubanetworks Aos-cx
4.3
CVSSv3
CVE-2022-23689
Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an malicious user to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-C...
Arubanetworks Aos-cx
5.3
CVSSv3
CVE-2022-23690
A vulnerability in the web-based management interface of AOS-CX could allow a remote unauthenticated malicious user to fingerprint the exact version AOS-CX running on the switch. This allows an malicious user to retrieve information which could be used to more precisely target th...
Arubanetworks Aos-cx
7.8
CVSSv3
CVE-2022-23682
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to authenticated command injection. A successful exploit could allow an malicious user to execute arbitrary commands as root on the underlying operating system leading to complete switch compromis...
Arubanetworks Aos-cx
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »