CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2008-5563
https://notcve.org/view.php?id=CVE-2008-5563
15 Dec 2008 — Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. Aruba Mobility Controller v2.4.8.x-FIPS, v2.5.x, v3.1.x, v3.2.x, v3.3.1.x, y v3.3.2.x permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) mediante una trama deformada del protocolo de autenticación extensible (EAP - Extensible Authentication Protocol). • http://secunia.com/advisories/33057 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 7EXPL: 0CVE-2008-2272
https://notcve.org/view.php?id=CVE-2008-2272
16 May 2008 — Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en la interfaz web de Aruba Mobility Controller versiones 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x y 3.3.1.x, permite a atacantes remotos inyectar script web o HTML arbitrarios por medio de v... • http://secunia.com/advisories/30262 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2008-0150
https://notcve.org/view.php?id=CVE-2008-0150
09 Jan 2008 — Unspecified vulnerability in the LDAP authentication feature in Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, and 2.4.8.11-FIPS or earlier allows remote attackers to bypass authentication mechanisms and obtain management or VPN interface access. Vulnerabilidad no especificada en la característica de autenticación LDAP en Aruba Mobility Controller 2.3.6.15, 2.5.2.11, 2.5.4.25, 2.5.5.7, 3.1.1.3, y 2.4.8.11-FIPS o anteriores permite a atacantes remotos evitar los mecanismos de auten... • http://secunia.com/advisories/28357 • CWE-287: Improper Authentication •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2007-6054 – Aruba MC-800 Mobility Controller - Screens Directory HTML Injection
https://notcve.org/view.php?id=CVE-2007-6054
20 Nov 2007 — Cross-site scripting (XSS) vulnerability in the login page in the management interface in the Aruba 800 Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /screens URI, related to the url variable. Vulnerabilidad de secuencia de comandos en sitios cruzados (XSS) en la página de entrada en la interfaz de gestión en el controlador Aruba 800 Mobility 2.5.4.18 y anterior, y 2.4.8.6-FIPS y anterior, permi... • https://www.exploit-db.com/exploits/30771 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •