Lucene search
K

48 matches found

CNNVD
CNNVD
added 2026/01/14 12:0 a.m.4 views

Hewlett Packard Enterprise Orchestrator 安全漏洞

Hewlett Packard Enterprise Orchestrator is a hardware appliance from Hewlett Packard Enterprise USA. It provides storage capabilities. A security vulnerability exists in Hewlett Packard Enterprise Orchestrator that stems from the ability to bypass multi-factor authentication requirements, which...

9.8CVSS6.8AI score0.00566EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/06 1:42 a.m.11 views

CVE-2022-43524

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...

8.7CVSS5.8AI score0.00507EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 7:15 a.m.4 views

CVE-2022-44534

A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system...

7.2CVSS6.1AI score0.01125EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 7:15 a.m.3 views

CVE-2022-44535

A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote low-privileged authenticated users to escalate their privileges to those of an administrative user. A successful exploit could allow an attacker to achieve administrative privilege on the...

8.8CVSS5.8AI score0.00897EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 7:15 a.m.3 views

CVE-2022-43529

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an remote attacker to persist a session after a password reset or similar session clearing event. Successful exploitation of this vulnerability could allow an authenticated attacker to...

5.4CVSS5.8AI score0.00425EPSS
Exploits0References1
NVD
NVD
added 2023/01/05 7:15 a.m.19 views

CVE-2022-43528

Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code. Successful exploitation allows an attacker to login using only a username and password and successfully bypass MFA requirements in Aruba EdgeConne...

6.5CVSS5.6AI score0.00368EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 7:15 a.m.5 views

CVE-2022-43527

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

6.1CVSS6AI score0.00462EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 7:15 a.m.6 views

CVE-2022-43524

A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...

5.4CVSS6AI score0.00507EPSS
Exploits0References1
NVD
NVD
added 2023/01/05 7:15 a.m.28 views

CVE-2022-43522

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

8.8CVSS9AI score0.00952EPSS
Exploits0References1
OSV
OSV
added 2023/01/05 7:15 a.m.2 views

CVE-2022-43519

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

8.8CVSS5.8AI score0.00952EPSS
Exploits0References1
NVD
NVD
added 2023/01/05 7:15 a.m.19 views

CVE-2022-43521

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

8.8CVSS9AI score0.00952EPSS
Exploits0References1
Prion
Prion
added 2023/01/05 7:15 a.m.24 views

Sql injection

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

6.5CVSS8.8AI score0.00952EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/05 7:15 a.m.19 views

Design/Logic Flaw

Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code. Successful exploitation allows an attacker to login using only a username and password and successfully bypass MFA requirements in Aruba EdgeConne...

6.4CVSS6.7AI score0.00368EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/05 7:15 a.m.19 views

Authentication flaw

A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote low-privileged authenticated users to escalate their privileges to those of an administrative user. A successful exploit could allow an attacker to achieve administrative privilege on the...

6.5CVSS8.7AI score0.00897EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/05 7:15 a.m.25 views

Cross site scripting

Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting XSS attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary...

5.8CVSS6AI score0.00462EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/01/05 7:15 a.m.25 views

Sql injection

Multiple vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the Aruba EdgeConnect Enterprise Orchestrator instance. An attacker could exploit these vulnerabilities...

6.5CVSS8.8AI score0.00952EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.7 views

Aruba Networks EdgeConnect Enterprise Orchestrator 安全漏洞

Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...

8.8CVSS8AI score0.00897EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.8 views

Aruba Networks ClearPass Policy Manager 授权问题漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. An authorization issue vulnerability exists in Aruba EdgeConnect Enterprise Orchestrator. An attacker could use this vulnerability to continue a session...

5.4CVSS5.8AI score0.00425EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.4 views

Aruba Networks EdgeConnect Enterprise Orchestrator 安全漏洞

Aruba Networks EdgeConnect Enterprise Orchestrator is a centralized SD-WAN management solution from Aruba Networks, Inc. It provides optimization, management, automation, and real-time visibility and monitoring features for enterprise users. A security vulnerability exists in Aruba Networks...

7.2CVSS7.5AI score0.01125EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/01/05 12:0 a.m.10 views

Aruba Networks ClearPass Policy Manager 授权问题漏洞

Aruba Networks ClearPass Policy Manager is an Aruba Networks application that provides a secure access management system for wireless networks. A security vulnerability exists in Aruba Networks ClearPass Policy Manager. An attacker could use this vulnerability to bypass authentication and log in ...

6.5CVSS6.6AI score0.00368EPSS
Exploits0References2
Rows per page
Query Builder