CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-22444
https://notcve.org/view.php?id=CVE-2024-22444
24 Jul 2024 — A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victims browser in the context of the affected interface. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04672en_us&docLocale=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41914
https://notcve.org/view.php?id=CVE-2024-41914
24 Jul 2024 — A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04672en_us&docLocale=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31483
https://notcve.org/view.php?id=CVE-2024-31483
14 May 2024 — An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to read arbitrary files in the underlying operating system. Existe una vulnerabilidad de divulgación de información confidencial autenticada en el servicio CLI al que se accede a través del protocolo PAPI. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de leer archivos arbitrarios en el sis... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31482
https://notcve.org/view.php?id=CVE-2024-31482
14 May 2024 — An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected Access Point. Existe una vulnerabilidad de denegación de servicio (DoS) no autenticada en el servicio de código de escape ANSI al que se accede a través del protocolo PAPI. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31481
https://notcve.org/view.php?id=CVE-2024-31481
14 May 2024 — Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio CLI al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el funcionamiento normal del servici... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31480
https://notcve.org/view.php?id=CVE-2024-31480
14 May 2024 — Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio CLI al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el funcionamiento normal del servici... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31479
https://notcve.org/view.php?id=CVE-2024-31479
14 May 2024 — Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de comunicaciones centrales al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de inter... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-31478
https://notcve.org/view.php?id=CVE-2024-31478
14 May 2024 — Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful exploitation of these vulnerabilites result in the ability to interrupt the normal operation of the affected Access Point. Existen múltiples vulnerabilidades de denegación de servicio (DoS) no autenticadas en el daemon Soft AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el func... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 1%CPEs: 2EXPL: 0CVE-2024-31477
https://notcve.org/view.php?id=CVE-2024-31477
14 May 2024 — Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Existen múltiples vulnerabilidades de inyección de comandos autenticados en la interfaz de línea de comandos. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el siste... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.2EPSS: 1%CPEs: 2EXPL: 0CVE-2024-31476
https://notcve.org/view.php?id=CVE-2024-31476
14 May 2024 — Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as a privileged user on the underlying operating system. Existen múltiples vulnerabilidades de inyección de comandos autenticados en la interfaz de línea de comandos. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de ejecutar comandos arbitrarios como usuario privilegiado en el siste... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-006.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •