CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2018-7080
https://notcve.org/view.php?id=CVE-2018-7080
07 Dec 2018 — A vulnerability exists in the firmware of embedded BLE radios that are part of some Aruba Access points. An attacker who is able to exploit the vulnerability could install new, potentially malicious firmware into the AP's BLE radio and could then gain access to the AP's console port. This vulnerability is applicable only if the BLE radio has been enabled in affected access points. The BLE radio is disabled by default. Note - Aruba products are NOT affected by a similar vulnerability being tracked as CVE-201... • http://www.securityfocus.com/bid/105814 •
CVSS: 7.5EPSS: 71%CPEs: 4EXPL: 0CVE-2017-13099 – wolfSSL Bleichenbacher/ROBOT
https://notcve.org/view.php?id=CVE-2017-13099
13 Dec 2017 — wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT." wolfSSL en versiones anteriores a la 3.12.2 proporciona un oráculo de Bleichenbacher débil cuando se negocia una suite de cifrado TLS que utiliza un intercambio de claves RSA. Un atacante puede recuperar la clave privada desde una aplicación wolfSSL vul... • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-002.txt • CWE-203: Observable Discrepancy •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 3CVE-2016-2032 – Aruba Authentication Bypass / Insecure Transport / Tons of Issues
https://notcve.org/view.php?id=CVE-2016-2032
06 May 2016 — A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. This interface listens on TCP port 15672 and 55672 Se presenta una vulnerabilidad en Aruba AirWave Management Platform versiones 8.x anteriores a 8.2, en la interfaz de administración de un componente de un sistema subyacente llamado RabbitMQ, lo que podría permitir a un usuario malicioso... • https://packetstorm.news/files/id/136997 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 3CVE-2016-2031 – Aruba Authentication Bypass / Insecure Transport / Tons of Issues
https://notcve.org/view.php?id=CVE-2016-2031
06 May 2016 — Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. Se presentan múltiples vulnerabilidades en Aruba Instate versiones anteriores a 4.1.3.0 y 4.2.3.1, debido a una comprobación insuficiente de la entrada suministrada por el usuario y una ... • https://packetstorm.news/files/id/136997 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2015-1348
https://notcve.org/view.php?id=CVE-2015-1348
03 Feb 2015 — Heap-based buffer overflow in Aruba Instant (IAP) with firmware before 4.0.0.7 and 4.1.x before 4.1.1.2 allows remote attackers to cause a denial of service (crash or reset to factory default) via a malformed frame to the wireless interface. Desbordamiento de buffer basado en memoria dinámica en Aruba Instant (IAP) con firmware anterior a 4.0.0.7 y 4.1.x anterior a 4.1.1.2 permite a atacantes remotos causar una denegación de servicio (caída o restablecimiento de la configuración de fabrica por defecto) a tr... • http://www.arubanetworks.com/support/alerts/aruba-psa-2015-001.txt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •