CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-37734
https://notcve.org/view.php?id=CVE-2021-37734
12 Oct 2021 — A remote unauthorized read access to files vulnerability was discovered in Aruba Instant version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.19 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below; Aruba Instant 8.8.x.x: 8.8.0.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. Se ha detectado una vulnerabilidad de acceso remoto no autorizado a ... • https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2021-37735
https://notcve.org/view.php?id=CVE-2021-37735
12 Oct 2021 — A remote denial of service vulnerability was discovered in Aruba Instant version(s): Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.10 and below; Aruba Instant 8.6.x.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. Se ha detectado una vulnerabilidad de denegación de servicio remota en Aruba Instant Aruba Instant versiones: 6.5.x.x: 6.5.4.18 y por debajo; Aruba Instant 8.5.x.x: 8.5.0.10 y por debajo; Aruba Instant 8.6.... • https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf • CWE-134: Use of Externally-Controlled Format String •
CVSS: 9.0EPSS: 2%CPEs: 7EXPL: 0CVE-2021-37732
https://notcve.org/view.php?id=CVE-2021-37732
12 Oct 2021 — A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x.x: 6.5.4.18 and below; Aruba Instant 8.5.x.x: 8.5.0.11 and below; Aruba Instant 8.6.x.x: 8.6.0.6 and below; Aruba Instant 8.7.x.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución de comandos remota arbitrarias en HPE Aruba I... • https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 2%CPEs: 7EXPL: 0CVE-2021-37727
https://notcve.org/view.php?id=CVE-2021-37727
12 Oct 2021 — A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución de comandos remota arbitrarias en HPE Aruba Instant (IAP) ... • https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 2%CPEs: 7EXPL: 0CVE-2021-37730
https://notcve.org/view.php?id=CVE-2021-37730
12 Oct 2021 — A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3 and below. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución de comandos remota arbitrarias en HPE Aruba ... • https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2021-37726
https://notcve.org/view.php?id=CVE-2021-37726
12 Oct 2021 — A remote buffer overflow vulnerability was discovered in HPE Aruba Instant (IAP) version(s): Aruba Instant 8.7.x.x: 8.7.0.0 through 8.7.1.2. Aruba has released patches for Aruba Instant (IAP) that address this security vulnerability. Se ha detectado una vulnerabilidad de desbordamiento de búfer remoto en HPE Aruba Instant (IAP) versiones: Aruba Instant 8.7.x.x: 8.7.0.0 hasta 8.7.1.2. Aruba ha publicado parches para Aruba Instant (IAP) que abordan esta vulnerabilidad de seguridad • https://cert-portal.siemens.com/productcert/pdf/ssa-917476.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2019-5319
https://notcve.org/view.php?id=CVE-2019-5319
30 Mar 2021 — A remote buffer overflow vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.16 and below; Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.6 and below; Aruba Instant 8.6.x: 8.6.0.2 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de desbordamiento de búfer remoto en algunos productos Aruba Inst... • https://cert-portal.siemens.com/productcert/pdf/ssa-723417.pdf • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.1EPSS: 5%CPEs: 8EXPL: 3CVE-2021-25161 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25161
30 Mar 2021 — A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de tipo cross... • https://packetstorm.news/files/id/163522 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.3EPSS: 33%CPEs: 8EXPL: 5CVE-2021-25162 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25162
30 Mar 2021 — A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de ejecu... • https://packetstorm.news/files/id/163522 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.9EPSS: 3%CPEs: 8EXPL: 2CVE-2021-25160 – Aruba Instant (IAP) - Remote Code Execution
https://notcve.org/view.php?id=CVE-2021-25160
30 Mar 2021 — A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Se detectó una vulnerabilidad de modificac... • https://packetstorm.news/files/id/163522 •