CVSS: 4.9EPSS: 0%CPEs: 30EXPL: 0CVE-2021-25141
https://notcve.org/view.php?id=CVE-2021-25141
A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability. Se ha identificado una vulnerabilidad de seguridad en determinado firmware del switch HPE y Aruba L2/L3. • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04082en_us •
CVSS: 9.3EPSS: 0%CPEs: 28EXPL: 0CVE-2019-5321
https://notcve.org/view.php?id=CVE-2019-5321
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, 16.10.* before 16.10.0003 are vulnerable to Remote Unauthorized Access in the WebUI. Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R y 3810M con versiones de firmware 16.08.* anteriores a 16.08.0009, 16.09.* anteriores a 16.09.0007, 16.10.* anteriores a 16.10.0003, son vulnerables un Acceso No autorizado Remoto en la WebUI • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-007.txt •
CVSS: 6.1EPSS: 0%CPEs: 28EXPL: 0CVE-2019-5320
https://notcve.org/view.php?id=CVE-2019-5320
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, 16.10.* before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code. Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R y 3810M, con versiones de firmware 16.08.* anteriores a 16.08.0009, 16.09.* anteriores a 16.09.0007, 16.10.* anteriores a 16.10.0003, son vulnerables a un ataque de tipo Cross Site Scripting en la Interfaz de Usuario web, conllevando a una inyección de código • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-007.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2019-5322
https://notcve.org/view.php?id=CVE-2019-5322
A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions. Una vulnerabilidad de divulgación de información remotamente explotable está presente en Aruba Intelligent Edge Switch modelos 5400, 3810, 2920, 2930, 2530 con puerto GigT, puerto 2530 10/100 o 2540. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-001.txt •