CVE-2007-4023
- EPSS 1.12%
- Published 26.07.2007 19:30:00
- Last modified 09.04.2025 00:30:58
Cross-site scripting (XSS) vulnerability in the login CGI program in Aruba Mobility Controller 2.5.4.18 and earlier, and 2.4.8.6-FIPS and earlier FIPS versions, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2007-0931
- EPSS 12.36%
- Published 14.02.2007 11:28:00
- Last modified 09.04.2025 00:30:58
Heap-based buffer overflow in the management interfaces in (1) Aruba Mobility Controllers 200, 800, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 allows remote attackers to cause a denial of service (process crash) and possi...
CVE-2007-0932
- EPSS 4.55%
- Published 14.02.2007 11:28:00
- Last modified 09.04.2025 00:30:58
The (1) Aruba Mobility Controllers 200, 600, 2400, and 6000 and (2) Alcatel-Lucent OmniAccess Wireless 43xx and 6000 do not properly implement authentication and privilege assignment for the guest account, which allows remote attackers to access admi...