CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30503 – Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30503
16 May 2023 — Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlyi... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30502 – Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30502
16 May 2023 — Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlyi... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-30501 – Authenticated Remote Code Execution in Aruba EdgeConnect Enterprise Command Line Interface
https://notcve.org/view.php?id=CVE-2023-30501
16 May 2023 — Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlyi... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-007.txt •
CVSS: 5.4EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22791 – Aruba InstantOS and ArubaOS 10 Sensitive Information Disclosure
https://notcve.org/view.php?id=CVE-2023-22791
08 May 2023 — A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN environment and an attacker already possessing valid user credentials on that WLAN can lead to sensitive information being disclosed via the WLAN. The scenarios in which this disclosure of potentially sensitive information can occur are complex and depend on factors that are beyond the control of the attacker. A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22790 – Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22790
08 May 2023 — Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22789 – Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22789
08 May 2023 — Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22788 – Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
https://notcve.org/view.php?id=CVE-2023-22788
08 May 2023 — Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2023-22787 – Unauthenticated Denial of Service (DoS) in Aruba InstantOS or ArubaOS 10 Service Accessed via the PAPI Protocol
https://notcve.org/view.php?id=CVE-2023-22787
08 May 2023 — An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability results in the ability to int... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-006.txt •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25596 – Authenticated Sensitive Information Disclosure in ClearPass Policy Manager
https://notcve.org/view.php?id=CVE-2023-25596
14 Mar 2023 — A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A successful exploit allows an attacker to retrieve information which could be used to potentially gain further access to network services supported by ClearPass Policy Manager. A vulnerability exists in ClearPass Policy Manager that allows for an attacker with administrative privileges to access sensitive information in a cleartext format. A su... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt • CWE-312: Cleartext Storage of Sensitive Information •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-25595 – Sensitive Information Disclosure in ClearPass OnGuard Ubuntu Agent
https://notcve.org/view.php?id=CVE-2023-25595
14 Mar 2023 — A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploitation of this vulnerability allows an attacker to retrieve information that is of a sensitive nature to the ClearPass/OnGuard environment. A vulnerability exists in the ClearPass OnGuard Ubuntu agent that allows for an attacker with local Ubuntu instance access to potentially obtain sensitive information. Successful Exploita... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-003.txt • CWE-284: Improper Access Control •