Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aruba vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-37915
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote malicious user to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability could allow an malicious user to...
Arubanetworks Aruba Edgeconnect Enterprise Orchestrator
7.2
CVSSv3
CVE-2021-37732
A remote arbitrary command execution vulnerability exists in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Arub...
Arubanetworks Aruba Instant
Siemens Scalance W1750d Firmware
8.1
CVSSv3
CVE-2017-9001
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allo...
Hp Aruba Clearpass Policy Manager
9.8
CVSSv3
CVE-2018-7058
Aruba ClearPass, all versions of 6.6.x before 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including adminis...
Hp Aruba Clearpass Policy Manager
8.8
CVSSv3
CVE-2018-7059
Aruba ClearPass before 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the "mon" permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is...
Hp Aruba Clearpass Policy Manager
6.1
CVSSv3
CVE-2018-7064
A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. An attacker could use this vulnerability to trick an IAP administrator into clicking a link which could then take administrative actions on the Instant cluster, or e...
Arubanetworks Aruba Instant
Siemens Scalance W1750d Firmware
7.2
CVSSv3
CVE-2018-7082
A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration i...
Arubanetworks Aruba Instant
Siemens Scalance W1750d Firmware
7.5
CVSSv3
CVE-2018-7083
If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. It exists that core dumps are stored in a way that unauthenticated users can access them through the Aruba Ins...
Arubanetworks Aruba Instant
Siemens Scalance W1750d Firmware
9.8
CVSSv3
CVE-2018-7084
A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, writ...
Arubanetworks Aruba Instant
Siemens Scalance W1750d Firmware
6.1
CVSSv3
CVE-2017-9002
All versions of Aruba ClearPass before 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative user into clicking a link could obtain sensitive information, such as session cook...
Hp Aruba Clearpass Policy Manager
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »