Multiple vulnerabilities exists in Aruba Instate prior to 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arubanetworks arubaos |
||
arubanetworks aruba instant 4.2.3.1 |
||
arubanetworks aruba instant |
||
arubanetworks airwave |
||
siemens scalance_w1750d_firmware |
Google bug-hunters disclose 26 vulnerabilities
Aruba Networks is slinging patches at a bunch of vulnerabilities in management platforms, its Aruba Instant Platform, and its proprietary ArubaOS PAPI management API. The company posted three advisories here after Google put it on a 90-day deadline, with the Chocolate Factory's Sven Blumenstein dropping a consolidated report of 26 individual vulns at Full Disclosure on Friday. Al are considered “urgent”, according to the HP subsidiary. In a tone of some irritation, Aruba says it's “remindi...