CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
66.8%
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Vendor | Product | Version | CPE |
---|---|---|---|
aruba_networks | aruba_mobility_controller | 2.4.8 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.4.8:*:*:*:*:*:*:* |
aruba_networks | aruba_mobility_controller | 2.4.8 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.4.8:*:fips:*:*:*:*:* |
aruba_networks | aruba_mobility_controller | 2.5.5 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.5.5:*:*:*:*:*:*:* |
aruba_networks | aruba_mobility_controller | 2.5.6 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.5.6:*:*:*:*:*:*:* |
aruba_networks | aruba_mobility_controller | 3.1.1 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:3.1.1:*:*:*:*:*:*:* |
aruba_networks | aruba_mobility_controller | 3.2.0 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:3.2.0:*:*:*:*:*:*:* |
aruba_networks | aruba_mobility_controller | 3.3.1 | cpe:2.3:a:aruba_networks:aruba_mobility_controller:3.3.1:*:*:*:*:*:*:* |