arubanetworks

578 tracked vulnerabilities.

CVE-2025-23056 MEDIUM
HPE Aruba Networking Fabric Composer 7.0.0-7.1.0 - Authenticated Stored Cross-Site Scripting
Jan 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-23055 MEDIUM
HPE Aruba Networking Fabric Composer 7.0.0-7.1.0 - Authenticated Stored Cross-Site Scripting
Jan 28, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-23054 MEDIUM
HPE Aruba Networking Fabric Composer 7.0.0-7.1.0 - Authenticated Incorrect Authorization
Jan 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-23053 MEDIUM
HPE Aruba Networking Fabric Composer 7.0.0-7.1.0 - Authenticated Privilege Escalation via Web Management Interface
Jan 28, 2025
CVSS 6.5
EPSS 0.00
CVE-2024-53672 MEDIUM
ClearPass Policy Manager 6.11.0-6.11.9 - Authenticated Remote Command Execution
Dec 03, 2024
CVSS 4.7
EPSS 0.00
CVE-2024-51773 MEDIUM
HPE Aruba Networking ClearPass Policy Manager - XSS
Dec 03, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-51772 MEDIUM
ClearPass Policy Manager - Authenticated RCE
Dec 03, 2024
CVSS 6.4
EPSS 0.01
CVE-2024-51771 HIGH
HPE Aruba Networking ClearPass Policy Manager - RCE
Dec 03, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-42400 MEDIUM
ArubaOS 10.4.0.0-10.4.1.1 and InstantOS 8.10.0.0-8.10.0.12 - Unauthenticated Denial-of-Service via PAPI Protocol
Aug 06, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-42399 MEDIUM
ArubaOS 10.4.0.0-10.4.1.1 and InstantOS 8.10.0.0-8.10.0.12 - Unauthenticated Denial of Service via PAPI Protocol
Aug 06, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-42398 MEDIUM
ArubaOS 10.4.0.0-10.4.1.1 & InstantOS 8.10.0.0-8.10.0.12 - DoS via Soft AP Daemon PAPI
Aug 06, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-42395 CRITICAL
AP Certificate Management Service - Unauthenticated RCE
Aug 06, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-42394 CRITICAL
Soft AP Daemon Service - Unauthenticated RCE
Aug 06, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-42393 CRITICAL
Soft AP Daemon Service - Unauthenticated RCE
Aug 06, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-5486 MEDIUM
ClearPass Policy Manager - Info Disclosure
Jul 30, 2024
CVSS 5.8
EPSS 0.00
CVE-2024-41916 MEDIUM
ClearPass Policy Manager - Info Disclosure
Jul 30, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-41915 HIGH
ClearPass Policy Manager 6.11.0-6.11.8 - Authenticated SQL Injection
Jul 30, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-41136 MEDIUM
Aruba EdgeConnect SD-WAN Orchestrator 9.1.0-9.1.10 - Authenticated OS Command Injection via CLI
Jul 24, 2024
CVSS 6.8
EPSS 0.00
CVE-2024-22444 MEDIUM
EdgeConnect SD-WAN Orchestrator - XSS
Jul 24, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-41914 HIGH
EdgeConnect SD-WAN Orchestrator 9.1.0-9.1.9 - Authenticated Stored Cross-Site Scripting
Jul 24, 2024
CVSS 8.1
EPSS 0.00
CVE-2024-22443 HIGH
EdgeConnect SD-WAN Orchestrator - Command Injection
Jul 24, 2024
CVSS 7.2
EPSS 0.01
CVE-2024-31483 MEDIUM
ArubaOS 10.3.0.0-10.4.1.0 and InstantOS 6.4.0.0-8.6.0.23 - Authenticated Arbitrary File Read via PAPI CLI Service
May 14, 2024
CVSS 4.9
EPSS 0.00
CVE-2024-31482 MEDIUM
ArubaOS 10.3.0.0-10.4.1.0 & InstantOS 6.4.0.0-8.6.0.23 - DoS via PAPI ANSI Escape Code
May 14, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-31481 MEDIUM
ArubaOS 10.3.0.0-10.4.1.0 and InstantOS 6.4.0.0-8.6.0.23 - Unauthenticated Denial of Service via PAPI CLI Service
May 14, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-31480 MEDIUM
ArubaOS 10.3.0.0-10.4.1.0 and InstantOS 6.4.0.0-8.6.0.23 - Unauthenticated Denial of Service via PAPI CLI Service
May 14, 2024
CVSS 5.3
EPSS 0.00
Products
arubaos 227 clearpass_policy_manager 136 sd-wan 88 airwave 36 clearpass 36 instant 33 edgeconnect_sd-wan_orchestrator 29 edgeconnect_enterprise 25 aruba_edgeconnect_enterprise_orchestrator 16 airwave_glass 12 aos-cx 12 aruba_instant 12 2540_firmware 5 2920_firmware 5 fabric_composer 5 2530_firmware 4 aruba_mobility_controller 4 2930_firmware 3 3810_firmware 3 5400r_firmware 3 aos-cx_firmware 3 2615_firmware 2 2620_firmware 2 2915_firmware 2 2930f_firmware 2 2930m_firmware 2 3810m_firmware 2 5406r_firmware 2 5412r_firmware 2 cx_6200f_firmware 2
Quick Filters
Critical CVEs With Exploits In CISA KEV