Arubaos@* Security Vulnerabilities and Issues — Arubaos@* CVE List

Lucene search

ArubanetworksArubaos*

7 matches found

CVE•added 2019/09/13 5:15 p.m.•250 views

CVE-2018-7081

A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute arbitrary code within...

9.8CVSS9.7AI score0.01939EPSS

CVE•added 2019/09/13 5:15 p.m.•236 views

CVE-2019-5314

Some web components in the ArubaOS software are vulnerable to HTTP Response splitting (CRLF injection) and Reflected XSS. An attacker would be able to accomplish this by sending certain URL parameters that would trigger this vulnerability.

6.1CVSS6.2AI score0.00359EPSS

CVE•added 2020/01/31 8:15 p.m.•200 views

CVE-2016-2031

Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions a...

9.8CVSS9.7AI score0.00974EPSS

CVE•added 2020/01/31 8:15 p.m.•144 views

CVE-2016-2032

A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. This interface listens on TCP port 15672 and 55672

7.5CVSS7.3AI score0.02172EPSS

CVE•added 2020/12/11 2:15 a.m.•83 views

CVE-2020-24633

There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mob...

10CVSS10AI score0.01337EPSS

CVE•added 2020/12/11 2:15 a.m.•74 views

CVE-2020-24634

An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Contr...

10CVSS9.4AI score0.00241EPSS

CVE•added 2020/12/11 2:15 a.m.•59 views

CVE-2020-24637

Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 S...

9CVSS7AI score0.00524EPSS