Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
arubanetworks arubaos vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv3
CVE-2020-24637
Two vulnerabilities in ArubaOS GRUB2 implementation allows for an malicious user to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an malicious user to load an untrusted or modified kernel in A...
Arubanetworks Arubaos
Arubanetworks Sd-wan
NA
CVE-2008-7023
Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other versions, installs the same default X.509 certificate for all installations, which allows remote malicious users to bypass authentication. NOTE: this is only a vulnerability when the administrator does not fol...
Arubanetworks Aruba Mobility Controller -
Arubanetworks Arubaos 3.3.1.16
NA
CVE-2008-7095
The SNMP daemon in ArubaOS 3.3.2.6 in Aruba Mobility Controller does not restrict SNMP access, which allows remote malicious users to (1) read all SNMP community strings via SNMP-COMMUNITY-MIB::snmpCommunityName (1.3.6.1.6.3.18.1.1.1.2) or SNMP-VIEW-BASED-ACM-MIB::vacmGroupName (...
Arubanetworks Aruba Mobility Controller
Arubanetworks Arubaos 3.3.2.6
6.1
CVSSv3
CVE-2023-35971
A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote malicious user to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an malicious user to execute arbitrary script...
Arubanetworks Arubaos
1 Github repository
7.2
CVSSv3
CVE-2023-35972
An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an...
Arubanetworks Arubaos
7.2
CVSSv3
CVE-2023-35973
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
Arubanetworks Arubaos
7.2
CVSSv3
CVE-2023-35974
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system.
Arubanetworks Arubaos
8.1
CVSSv3
CVE-2023-35975
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.
Arubanetworks Arubaos
6.5
CVSSv3
CVE-2023-35976
Vulnerabilities exist which allow an authenticated malicious user to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.
Arubanetworks Arubaos
6.5
CVSSv3
CVE-2023-35977
Vulnerabilities exist which allow an authenticated malicious user to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the users existing privilege level.
Arubanetworks Arubaos
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »