CVSS: 9.8EPSS: 1%CPEs: 7EXPL: 0CVE-2021-25149
https://notcve.org/view.php?id=CVE-2021-25149
29 Mar 2021 — A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de desbordamiento de búfer remoto en algunos productos Aruba Inst... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-25145
https://notcve.org/view.php?id=CVE-2021-25145
29 Mar 2021 — A remote unauthorized disclosure of information vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.10 and below; Aruba Instant 8.6.x: 8.6.0.5 and below; Aruba Instant 8.7.x: 8.7.0.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad d... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf •
CVSS: 9.0EPSS: 1%CPEs: 7EXPL: 0CVE-2021-25144
https://notcve.org/view.php?id=CVE-2021-25144
29 Mar 2021 — A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de desbordamiento del búfer remoto en algunos productos Aruba Ins... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.8EPSS: 0%CPEs: 8EXPL: 0CVE-2019-5317
https://notcve.org/view.php?id=CVE-2019-5317
29 Mar 2021 — A local authentication bypass vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.15 and below; Aruba Instant 8.3.x: 8.3.0.11 and below; Aruba Instant 8.4.x: 8.4.0.5 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de omisión de autent... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 0CVE-2018-16417
https://notcve.org/view.php?id=CVE-2018-16417
30 Oct 2019 — Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and 8.4.x prior to 8.4.0.1 allows Command injection. Aruba Instant versiones 4.x anteriores a la versión 6.4.4.8-4.2.4.12, versiones 6.5.x anteriores a la versión 6.5.4.11, versiones 8.3.x anteriores a 8.3.0.6 y versiones 8.4.x anteriores a la versión 8.4.0.1, permite una Inyección de Comandos. • http://www.securityfocus.com/bid/108374 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 71%CPEs: 4EXPL: 0CVE-2017-13099 – wolfSSL Bleichenbacher/ROBOT
https://notcve.org/view.php?id=CVE-2017-13099
13 Dec 2017 — wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." wolfSSL en versiones anteriores a la 3.12.2 proporciona un oráculo de Bleichenbacher débil cuando se negocia una suite de cifrado TLS que utiliza un intercambio de claves RSA. Un atacante puede recuperar la clave privada desde una aplicación wolfSSL vul... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt • CWE-203: Observable Discrepancy •