18 matches found
PT-2026-24411
Name of the Vulnerable Software and Affected Versions Aruba AOS-CX affected versions not specified Description A critical authentication bypass flaw exists in Aruba AOS-CX switches. This flaw allows an unauthenticated remote attacker to reset administrator passwords through the web management...
HPE Aruba Networking AOS-CX 安全漏洞
HPE Aruba Networking AOS-CX is a series of switch devices from HPE America. A security vulnerability exists in the HPE Aruba Networking AOS-CX that stems from a command injection vulnerability that could lead to remote code execution...
EUVD-2021-12052
Malware in sbrugna...
CVE-2019-5320
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code...
CVE-2022-23691
A vulnerability exists in certain AOS-CX switch models which could allow an attacker with access to the recovery console to bypass normal authentication. A successful exploit allows an attacker to bypass system authentication and achieve total switch compromise in ArubaOS-CX Switches versions:...
CVE-2022-23680
AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an attacker to execute commands in the context of another user in ArubaOS-CX Switches versions: AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX...
CVE-2022-23679
AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an attacker to execute commands in the context of another user in ArubaOS-CX Switches versions: AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX...
PT-2022-16197 · Aruba · Arubaos-Cx Switches
Name of the Vulnerable Software and Affected Versions: ArubaOS-CX Switches versions 10.09.1010 and below ArubaOS-CX Switches versions 10.08.1050 and below ArubaOS-CX Switches versions 10.06.0190 and below Description: Multiple vulnerabilities exist in the processing of packet data by the LLDP...
Aruba AOS-CX 授权问题漏洞
Aruba AOS-CX is a modern programmable network from Aruba, USA. A security vulnerability exists in the Aruba AOS-CX, no information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...
The vulnerability of the NanoSSL library in microprogramming software for Aruba switches such as Aruba 5400R, Aruba 3810, Aruba 2920, Aruba 2930F, Aruba 2930M, Aruba 2530, and Aruba 2540 allows a hacker to execute arbitrary code.
The vulnerability of the NanoSSL microprogramming software library used in Aruba 5400R, Aruba 3810, Aruba 2920, Aruba 2930F, Aruba 2930M, Aruba 2530, and Aruba 2540 switches is related to improper code generation management. Exploiting this vulnerability allows a remote attacker to execute...
Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches
Cybersecurity researchers have detailed as many as five severe security flaws in the implementation of TLS protocol in several models of Aruba and Avaya network switches that could be abused to gain remote access to enterprise networks and steal valuable information. The findings follow the March...
CVE-2021-41003
Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series...
CVE-2021-41002
Multiple authenticated remote path traversal vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...
CVE-2021-41001
An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine NAE in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...
CVE-2021-41000
Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch...
CVE-2021-29149
A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series versions: Aruba AOS-CX firmware:...
CVE-2019-5320
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007, 16.10. before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code...
CVE-2019-5322
A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08. before 16.08.0009, 16.09. before 16.09.0007 and 16.10. before 16.10.0003...