CVSS: 10.0EPSS: 0%CPEs: 60EXPL: 0CVE-2022-23679
https://notcve.org/view.php?id=CVE-2022-23679
06 Sep 2022 — AOS-CX lacks Anti-CSRF protections in place for state-changing operations. This can potentially be exploited by an attacker to execute commands in the context of another user in ArubaOS-CX Switches version(s): AOS-CX 10.10.xxxx: 10.10.0002 and below, AOS-CX 10.09.xxxx: 10.09.1020 and below, AOS-CX 10.08.xxxx: 10.08.1060 and below, AOS-CX 10.06.xxxx: 10.06.0200 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address this security vulnerability. AOS-CX carece de protecciones Anti-CSR... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-012.txt • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.2EPSS: 0%CPEs: 35EXPL: 0CVE-2021-29149
https://notcve.org/view.php?id=CVE-2021-29149
22 Jul 2021 — A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX dev... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt •
CVSS: 6.1EPSS: 0%CPEs: 35EXPL: 0CVE-2021-29148
https://notcve.org/view.php?id=CVE-2021-29148
22 Jul 2021 — A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devic... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 6%CPEs: 35EXPL: 0CVE-2021-29143
https://notcve.org/view.php?id=CVE-2021-29143
22 Jul 2021 — A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-7121
https://notcve.org/view.php?id=CVE-2020-7121
23 Sep 2020 — Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the LLDP (Link Layer Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.3021. Se han encontrado dos vulnerabilidades de corrupción de memoria en Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325 y 8400. Una explotación con éxito de estas vuln... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-7122
https://notcve.org/view.php?id=CVE-2020-7122
23 Sep 2020 — Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the CDP (Cisco Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.1000. Se han encontrado dos vulnerabilidades de corrupción de memoria en Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, y 8400. Una explotación con éxito de estas vulnerabi... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt • CWE-787: Out-of-bounds Write •