Filtered by vendor Arubanetworks
Subscribe
Total
460 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-25149 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
CVE-2021-25148 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 8.5 HIGH | 8.1 HIGH |
A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
CVE-2021-25147 | 1 Arubanetworks | 1 Airwave | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. | |||||
CVE-2021-25146 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.5.x: 6.5.4.17 and below; Aruba Instant 8.3.x: 8.3.0.13 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
CVE-2021-25145 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
CVE-2021-25144 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
CVE-2021-25143 | 2 Arubanetworks, Siemens | 3 Instant, Scalance W1750d, Scalance W1750d Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. | |||||
CVE-2021-25141 | 2 Arubanetworks, Hpe | 30 Aruba 2530ya, Aruba 2530ya Firmware, Aruba 2530yb and 27 more | 2024-11-21 | 4.9 MEDIUM | 4.4 MEDIUM |
A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability. | |||||
CVE-2020-7129 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
CVE-2020-7128 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
CVE-2020-7127 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
CVE-2020-7126 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
CVE-2020-7125 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
CVE-2020-7124 | 1 Arubanetworks | 1 Airwave Glass | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | |||||
CVE-2020-7123 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability. | |||||
CVE-2020-7122 | 1 Arubanetworks | 12 Cx 6200f, Cx 6200f Firmware, Cx 6300 and 9 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the CDP (Cisco Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.1000. | |||||
CVE-2020-7121 | 1 Arubanetworks | 12 Cx 6200f, Cx 6200f Firmware, Cx 6300 and 9 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the LLDP (Link Layer Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.3021. | |||||
CVE-2020-7120 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 4.6 MEDIUM | 5.3 MEDIUM |
A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account. | |||||
CVE-2020-7119 | 1 Arubanetworks | 1 Analytics And Location Engine | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user. | |||||
CVE-2020-7117 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher. |