Aruba Products Multiple Vulnerabilities

Release Date: 11 Jul 2023 3235 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities were identified in Aruba Products. A remote attacker could exploit some of these vulnerabilities to trigger cross-site scripting, data manipulation, security restriction bypass, remote code execution, sensitive information disclosure and denial of service on the targeted system.

Impact

  • Remote Code Execution
  • Denial of Service
  • Information Disclosure
  • Cross-Site Scripting
  • Data Manipulation
  • Security Restriction Bypass

System / Technologies affected

  • Aruba Access Points running InstantOS and ArubaOS 10

Affected Software Versions

  • ArubaOS 10.4.0.1 and below
  • ArubaOS 8.11.1.0 and below
  • ArubaOS 8.10.0.6 and below
  • ArubaOS 8.6.0.20 and below

 

The following ArubaOS and SD-WAN software versions that are End of Life are affected by these vulnerabilities and are not patched by this advisory

  • ArubaOS 8.9.x.x
  • ArubaOS 8.8.x.x
  • ArubaOS 8.7.x.x
  • ArubaOS 6.5.4.x
  • SD-WAN 8.7.0.0-2.3.0.x
  • SD-WAN 8.6.0.4-2.2.x.x
 

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

Related Tags

Remote Code ExecutionInformation DisclosureDenial of ServiceCross Site ScriptingArubaData ManipulationSecurity Restriction Bypass

Share with

Previous

VMWare Aria Operations for Networks Multiple Vulnerabilities

11 Jul 2023 3268 Views

Next

Mozilla Products Multiple Vulnerabilities

12 Jul 2023 3060 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY