Filtered by vendor Arubanetworks
Subscribe
Total
357 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-5563 | 2 Aruba Networks, Arubanetworks | 3 Aruba Mobility Controller, Aruba Mobility Controllers, Aruba Mobility Controller | 2018-10-11 | 7.8 HIGH | N/A |
| Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. | |||||
| CVE-2008-2273 | 1 Arubanetworks | 2 Aruba Mobility Controller, Arubaos | 2018-10-11 | 9.0 HIGH | N/A |
| Unspecified vulnerability in the TACACS authentication component in Aruba Mobility Controller 3.1.x, 3.2.x, and 3.3.x allows remote authenticated users to gain privileges via unknown vectors. | |||||
| CVE-2018-7060 | 1 Arubanetworks | 1 Clearpass | 2018-10-10 | 6.8 MEDIUM | 8.8 HIGH |
| Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface. | |||||
| CVE-2014-2592 | 1 Arubanetworks | 1 Web Management Portal | 2018-03-27 | 7.5 HIGH | 9.8 CRITICAL |
| Unrestricted file upload vulnerability in Aruba Web Management portal allows remote attackers to execute arbitrary code by uploading a file with an executable extension. | |||||
| CVE-2018-0489 | 3 Arubanetworks, Debian, Shibboleth | 3 Clearpass, Debian Linux, Xmltooling-c | 2018-03-23 | 6.4 MEDIUM | 6.5 MEDIUM |
| Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486. | |||||
| CVE-2014-2071 | 1 Arubanetworks | 1 Clearpass | 2018-01-31 | 4.9 MEDIUM | 7.1 HIGH |
| Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner and outer identities within a tunneled EAP method. | |||||
| CVE-2015-4650 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2017-11-01 | 10.0 HIGH | 9.8 CRITICAL |
| Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to gain shell access and execute arbitrary code with root privileges via unspecified vectors. | |||||
| CVE-2014-6624 | 1 Arubanetworks | 1 Clearpass | 2017-09-07 | 6.8 MEDIUM | N/A |
| The Insight module in Aruba Networks ClearPass before 6.3.6 and 6.4.x before 6.4.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-3654 | 1 Arubanetworks | 1 Clearpass | 2017-09-06 | 9.0 HIGH | 7.2 HIGH |
| Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-4649. | |||||
| CVE-2015-3657 | 1 Arubanetworks | 1 Clearpass | 2017-09-06 | 6.5 MEDIUM | 7.2 HIGH |
| Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors. | |||||
| CVE-2015-3656 | 1 Arubanetworks | 1 Clearpass | 2017-09-06 | 6.5 MEDIUM | 7.2 HIGH |
| Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain privileges by leveraging failure to properly enforce authorization checks. | |||||
| CVE-2015-3653 | 1 Arubanetworks | 1 Clearpass | 2017-09-05 | 9.0 HIGH | 7.2 HIGH |
| Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking. | |||||
| CVE-2015-4649 | 1 Arubanetworks | 1 Clearpass | 2017-08-31 | 9.0 HIGH | 7.2 HIGH |
| Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to gain root privileges via unspecified vectors, a different vulnerability than CVE-2015-3654. | |||||
| CVE-2014-2593 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2017-08-28 | 9.0 HIGH | N/A |
| The management console in Aruba Networks ClearPass Policy Manager 6.3.0.60730 allows local users to execute arbitrary commands via shell metacharacters in certain arguments of a valid command, as demonstrated by the (1) system status-rasession and (2) network ping commands. | |||||
| CVE-2013-2290 | 1 Arubanetworks | 1 Arubaos | 2017-08-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the dashboard of the ArubaOS Administration WebUI in Aruba Networks ArubaOS 6.2.x before 6.2.0.3, 6.1.3.x before 6.1.3.7, 6.1.x-FIPS before 6.1.4.3-FIPS, and 6.1.x-AirGroup before 6.1.3.6-AirGroup, as used by Mobility Controller, allows remote wireless access points to inject arbitrary web script or HTML via a crafted SSID. | |||||
| CVE-2016-2034 | 1 Arubanetworks | 1 Clearpass | 2017-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in ClearPass Policy Manager 6.5.x through 6.5.6 and 6.6.0. | |||||
| CVE-2015-1389 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2016-12-30 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote attackers to inject arbitrary web script or HTML via the username parameter to tips/tipsLoginSubmit.action. | |||||
| CVE-2015-4132 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2016-12-05 | 3.5 LOW | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allow remote administrators to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2015-1551 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2015-05-29 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.4 allows remote administrators to read arbitrary files via unspecified vectors. | |||||
| CVE-2015-1550 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2015-05-29 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in Aruba Networks ClearPass Policy Manager (CPPM) before 6.4.5 allows remote administrators to execute arbitrary files via unspecified vectors. | |||||