CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-22444
https://notcve.org/view.php?id=CVE-2024-22444
24 Jul 2024 — A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victims browser in the context of the affected interface. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04672en_us&docLocale=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-41914
https://notcve.org/view.php?id=CVE-2024-41914
24 Jul 2024 — A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface. • https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04672en_us&docLocale=en_US • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33518
https://notcve.org/view.php?id=CVE-2024-33518
01 May 2024 — An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. Existe una vulnerabilidad de denegación de servicio (DoS) no autenticada en el servicio Radio Frequency Manager al que se accede a través del protocolo PAPI. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33517
https://notcve.org/view.php?id=CVE-2024-33517
01 May 2024 — An unauthenticated Denial-of-Service (DoS) vulnerability exists in the Radio Frequency Manager service accessed via the PAPI protocol. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the affected service. Existe una vulnerabilidad de denegación de servicio (DoS) no autenticada en el servicio Radio Frequency Manager al que se accede a través del protocolo PAPI. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad de interrumpir... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33516
https://notcve.org/view.php?id=CVE-2024-33516
01 May 2024 — An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol provided by ArubaOS. Successful exploitation of this vulnerability results in the ability to interrupt the normal operation of the controller. Existe una vulnerabilidad de denegación de servicio (DoS) no autenticada en el servicio de autenticación al que se accede a través del protocolo PAPI proporcionado por ArubaOS. La explotación exitosa de esta vulnerabilidad da como resultado la capacidad ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33515
https://notcve.org/view.php?id=CVE-2024-33515
01 May 2024 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de administración de AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el fu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33514
https://notcve.org/view.php?id=CVE-2024-33514
01 May 2024 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de administración de AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el fu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2024-33513
https://notcve.org/view.php?id=CVE-2024-33513
01 May 2024 — Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Management service accessed via the PAPI protocol. Successful exploitation of these vulnerabilities results in the ability to interrupt the normal operation of the affected service. Existen vulnerabilidades de denegación de servicio (DoS) no autenticadas en el servicio de administración de AP al que se accede a través del protocolo PAPI. La explotación exitosa de estas vulnerabilidades da como resultado la capacidad de interrumpir el fu... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-33512
https://notcve.org/view.php?id=CVE-2024-33512
01 May 2024 — There is a buffer overflow vulnerability in the underlying Local User Authentication Database service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento de búfer en el servicio de base de dato... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0CVE-2024-33511
https://notcve.org/view.php?id=CVE-2024-33511
01 May 2024 — There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. Existe una vulnerabilidad de desbordamiento del búfer en el servicio de informes automáticos subya... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2024-004.txt • CWE-121: Stack-based Buffer Overflow •