Filtered by vendor Aruba Networks
Subscribe
Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0150 | 1 Aruba Networks | 1 Aruba Mobility Controllers | 2018-10-15 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access. | |||||
CVE-2007-6054 | 1 Aruba Networks | 1 Mc-800 | 2018-10-15 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /screens URI, related to the url variable. | |||||
CVE-2008-5563 | 2 Aruba Networks, Arubanetworks | 3 Aruba Mobility Controller, Aruba Mobility Controllers, Aruba Mobility Controller | 2018-10-11 | 7.8 HIGH | N/A |
Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. | |||||
CVE-2008-2272 | 1 Aruba Networks | 1 Aruba Mobility Controller | 2018-10-11 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |