CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26296
https://notcve.org/view.php?id=CVE-2024-26296
27 Feb 2024 — Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Las vulnerabilidades en la interfaz de administración basada en web de ClearPass Policy Manager permiten a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Un ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-001.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26295
https://notcve.org/view.php?id=CVE-2024-26295
27 Feb 2024 — Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Las vulnerabilidades en la interfaz de administración basada en web de ClearPass Policy Manager permiten a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Un ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-001.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-26294
https://notcve.org/view.php?id=CVE-2024-26294
27 Feb 2024 — Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise. Las vulnerabilidades en la interfaz de administración basada en web de ClearPass Policy Manager permiten a usuarios remotos autenticados ejecutar comandos arbitrarios en el host subyacente. Un ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-001.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45627
https://notcve.org/view.php?id=CVE-2023-45627
14 Nov 2023 — An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. Existe una vulnerabilidad de Denegación de Servicio (DoS) autenticada en CLI Service. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir el funcionamiento normal del punto de acceso afectado. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt •
CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45626
https://notcve.org/view.php?id=CVE-2023-45626
14 Nov 2023 — An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary code execution across boot cycles. Se ha identificado una vulnerabilidad autenticada que permite a un atacante establecer de manera efectiva la ejecución de código arbitrario persistente y altamente privilegiado a lo largo de los ciclos de arranque. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt • CWE-863: Incorrect Authorization •
CVSS: 8.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45625
https://notcve.org/view.php?id=CVE-2023-45625
14 Nov 2023 — Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Existen múltiples vulnerabilidades de inyección de comandos autenticados en la interfaz de línea de comandos. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el siste... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45624
https://notcve.org/view.php?id=CVE-2023-45624
14 Nov 2023 — An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected access point. Existe una vulnerabilidad de Denegación de Servicio (DoS) no autenticada en Soft Ap Daemon al que se accede a través del protocolo PAPI. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir el funcionamiento normal del pun... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45623
https://notcve.org/view.php?id=CVE-2023-45623
14 Nov 2023 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Existen vulnerabilidades de Denegación de Servicio (DoS) no autenticadas en Wi-Fi Uplink Service al que se accede a través a través protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el funcionam... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45622
https://notcve.org/view.php?id=CVE-2023-45622
14 Nov 2023 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Existen vulnerabilidades de Denegación de Servicio (DoS) no autenticadas en BLE Daemon Service al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el funcionamiento nor... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-45621
https://notcve.org/view.php?id=CVE-2023-45621
14 Nov 2023 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected access point. Existen vulnerabilidades de Denegación de Servicio (DoS) no autenticadas en CLI Service al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el funcionamiento normal del punto ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-017.txt • CWE-400: Uncontrolled Resource Consumption •