Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2007-4023 | 1 Aruba | 1 Mobility Controller | 2024-11-21 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2007-0932 | 2 Alcatel-lucent, Aruba | 2 Omniaccess Wireless, Mobility Controller | 2024-11-21 | 7.5 HIGH | N/A |
| The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access administrative interfaces or the WLAN. | |||||
| CVE-2007-0931 | 2 Alcatel-lucent, Aruba | 2 Omniaccess Wireless, Mobility Controller | 2024-11-21 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via long credential strings. | |||||