Arubanetworks Edgeconnect Enterprise vulnerabilities
25 known vulnerabilities affecting arubanetworks/edgeconnect_enterprise.
Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH15MEDIUM10
Vulnerabilities
Page 1 of 2
CVE-2022-43542P2HIGHCVSS 8.8≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-43542 [HIGH] CWE-94 CVE-2022-43542: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software
nvd
CVE-2023-30506P3HIGHCVSS 8.8≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30506 [HIGH] CVE-2023-30506: Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote a
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
nvd
CVE-2023-30502P3HIGHCVSS 8.8≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30502 [HIGH] CVE-2023-30502: Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote a
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
nvd
CVE-2023-30505P3HIGHCVSS 8.8≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30505 [HIGH] CVE-2023-30505: Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote a
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
nvd
CVE-2023-30504P3HIGHCVSS 8.8≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30504 [HIGH] CVE-2023-30504: Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote a
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
nvd
CVE-2023-30501P3HIGHCVSS 8.8≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30501 [HIGH] CVE-2023-30501: Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote a
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
nvd
CVE-2023-30503P3HIGHCVSS 8.8≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30503 [HIGH] CVE-2023-30503: Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote a
Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.
nvd
CVE-2022-37924P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-37924 [HIGH] CWE-78 CVE-2022-37924: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software
nvd
CVE-2022-43541P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-43541 [HIGH] CWE-94 CVE-2022-43541: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software
nvd
CVE-2022-44533P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-44533 [HIGH] CWE-94 CVE-2022-44533: A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authentic
A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Softw
nvd
CVE-2022-37923P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-37923 [HIGH] CVE-2022-37923: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software versio
nvd
CVE-2022-37922P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-37922 [HIGH] CVE-2022-37922: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software versio
nvd
CVE-2022-37920P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-37920 [HIGH] CVE-2022-37920: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software versio
nvd
CVE-2022-37921P3HIGHCVSS 7.2≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-37921 [HIGH] CVE-2022-37921: Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticate
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software versio
nvd
CVE-2022-37919P3HIGHCVSS 7.5≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-37919 [HIGH] CVE-2022-37919: A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can e
A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition which prevents the appliance from properly responding to API requests in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0
nvd
CVE-2020-12148P3MEDIUMCVSS 6.8≥ 8.1, < 8.1.9.15≥ 8.3.0, < 8.3.0.8+2 more2020-12-11
CVE-2020-12148 [MEDIUM] CWE-78 CVE-2020-12148: A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance
A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish an interactive channel, effectively taking control of
nvd
CVE-2022-44532P3MEDIUMCVSS 6.5≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-44532 [MEDIUM] CWE-22 CVE-2022-44532: An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command lin
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below;
nvd
CVE-2022-43518P3MEDIUMCVSS 6.5≥ 8.3.1.0, ≤ 8.3.7.1≥ 9.0.0.0, ≤ 9.0.7.0+2 more2022-12-12
CVE-2022-43518 [MEDIUM] CWE-22 CVE-2022-43518: An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interfa
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.
nvd
CVE-2023-30509P3MEDIUMCVSS 6.5≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30509 [MEDIUM] CWE-22 CVE-2023-30509: Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise comm
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
nvd
CVE-2023-30507P3MEDIUMCVSS 6.5≤ 9.0.8.0≥ 9.1.0.0, ≤ 9.1.5.0+1 more2023-05-16
CVE-2023-30507 [MEDIUM] CWE-22 CVE-2023-30507: Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise comm
Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.
nvd
1 / 2Next →