2 results (0.015 seconds)

CVSS: 7.8EPSS: 2%CPEs: 18EXPL: 0

Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.x, 3.1.x, 3.2.x, 3.3.1.x, and 3.3.2.x allows remote attackers to cause a denial of service (device crash) via a malformed Extensible Authentication Protocol (EAP) frame. Aruba Mobility Controller v2.4.8.x-FIPS, v2.5.x, v3.1.x, v3.2.x, v3.3.1.x, y v3.3.2.x permite a atacantes remotos provocar una denegación de servicio (caída del dispositivo) mediante una trama deformada del protocolo de autenticación extensible (EAP - Extensible Authentication Protocol). • http://secunia.com/advisories/33057 http://securityreason.com/securityalert/4728 http://www.arubanetworks.com/support/alerts/aid-12808.asc http://www.securityfocus.com/archive/1/499014/100/0/threaded http://www.securityfocus.com/bid/32694 http://www.securitytracker.com/id?1021362 • CWE-399: Resource Management Errors •

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de tipo cross-site scripting (XSS) en la interfaz web de Aruba Mobility Controller versiones 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x y 3.3.1.x, permite a atacantes remotos inyectar script web o HTML arbitrarios por medio de vectores no especificados. • http://secunia.com/advisories/30262 http://www.arubanetworks.com/support/alerts/aid-051408.asc http://www.securityfocus.com/archive/1/492113/100/0/threaded http://www.securityfocus.com/bid/29240 http://www.securitytracker.com/id?1020033 https://exchange.xforce.ibmcloud.com/vulnerabilities/42433 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •