Page 10 of 47 results (0.004 seconds)

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other versions, installs the same default X.509 certificate for all installations, which allows remote attackers to bypass authentication. NOTE: this is only a vulnerability when the administrator does not follow recommendations in the product's security documentation. Aruba Mobility Controller con ArubaOS 3.3.1.16, y posiblemente otras versiones, instala por defecto el mismo certificado X.509 por defecto para todas las instalaciones, lo que permite a atacantes remotos eludir la autenticación. NOTA: esto es sólo una vulnerabilidad cuando el administrador no sigue las recomendaciones de la documentación de seguridad del producto. • http://osvdb.org/51731 http://www.securityfocus.com/archive/1/496604/100/0/threaded http://www.securityfocus.com/archive/1/496622/100/0/threaded http://www.securityfocus.com/bid/31336 • CWE-310: Cryptographic Issues •

CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0

Unspecified vulnerability in the TACACS authentication component in Aruba Mobility Controller 3.1.x, 3.2.x, and 3.3.x allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en el componente de autenticación TACACS en Aruba Mobility Controller 3.1.x, 3.2.x, and 3.3.x permite a usuarios remotos autenticados conseguir privilegios a través de vectores no especificados. • http://secunia.com/advisories/30262 http://www.arubanetworks.com/support/alerts/aid-051408.asc http://www.securityfocus.com/archive/1/492113/100/0/threaded http://www.securityfocus.com/bid/29240 http://www.securitytracker.com/id?1020032 https://exchange.xforce.ibmcloud.com/vulnerabilities/42434 •