Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Arubaos
(Arubanetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 132 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-11-14 | CVE-2023-45626 | An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles. | Arubaos, Instantos | 7.2 | ||
| 2023-09-06 | CVE-2023-38486 | A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images. | Arubaos | 6.4 | ||
| 2024-08-06 | CVE-2024-42398 | Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | Arubaos, Instantos | 5.3 | ||
| 2024-08-06 | CVE-2024-42399 | Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | Arubaos, Instantos | 5.3 | ||
| 2024-08-06 | CVE-2024-42400 | Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected Access Point. | Arubaos, Instantos | 5.3 | ||
| 2023-11-14 | CVE-2023-45614 | There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | Arubaos, Instantos | 9.8 | ||
| 2023-11-14 | CVE-2023-45621 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. | Arubaos, Instantos | 7.5 | ||
| 2023-11-14 | CVE-2023-45622 | Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. | Arubaos, Instantos | 7.5 | ||
| 2024-08-06 | CVE-2024-42393 | There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | Arubaos, Instantos | 9.8 | ||
| 2024-08-06 | CVE-2024-42394 | There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise. | Arubaos, Instantos | 9.8 |