Hpe

Arubaos-cx

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2025-37160

  • EPSS 0.04%
  • Veröffentlicht 18.11.2025 18:54:09
  • Zuletzt bearbeitet 04.12.2025 18:18:12

A broken access control (BAC) vulnerability in the web-based management interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation of this vulnerability could enable the attacker ...

7.3

CVE-2025-37159

  • EPSS 0.03%
  • Veröffentlicht 18.11.2025 18:52:46
  • Zuletzt bearbeitet 04.12.2025 18:19:18

A vulnerability in the web management interface of the AOS-CX OS user authentication service could allow an authenticated remote attacker to hijack an active user session. Successful exploitation may enable the attacker to maintain unauthorized acces...

8.8

CVE-2025-37158

  • EPSS 0.09%
  • Veröffentlicht 18.11.2025 18:51:28
  • Zuletzt bearbeitet 04.12.2025 18:19:59

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system.

8.8

CVE-2025-37157

  • EPSS 0.09%
  • Veröffentlicht 18.11.2025 18:48:58
  • Zuletzt bearbeitet 04.12.2025 18:20:14

A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution (RCE) on the affected system.

6.8

CVE-2025-37156

  • EPSS 0.05%
  • Veröffentlicht 18.11.2025 18:46:10
  • Zuletzt bearbeitet 04.12.2025 18:20:51

A platform-level denial-of-service (DoS) vulnerability exists in ArubaOS-CX software. Successful exploitation of this vulnerability could allow an attacker with administrative access to execute specific code that renders the switch non-bootable and e...

7.8

CVE-2025-37155

  • EPSS 0.01%
  • Veröffentlicht 18.11.2025 18:40:40
  • Zuletzt bearbeitet 04.12.2025 18:21:05

A vulnerability in the SSH restricted shell interface of the network management services allows improper access control for authenticated read-only users. If successfully exploited, this vulnerability could allow an attacker with read-only privileges...

8.8

CVE-2023-3718

  • EPSS 1.1%
  • Veröffentlicht 01.08.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:17:54

An authenticated command injection vulnerability exists in the AOS-CX command line interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands on the underlying operating system as a privileged user ...

8.8

CVE-2023-1168

  • EPSS 1.49%
  • Veröffentlicht 22.03.2023 06:15:09
  • Zuletzt bearbeitet 26.02.2025 17:15:14

An authenticated remote code execution vulnerability exists in the AOS-CX Network Analytics Engine. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying ...

9

CVE-2021-41000

  • EPSS 5.61%
  • Veröffentlicht 02.03.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:14

Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series,...

9

CVE-2021-41001

  • EPSS 5.61%
  • Veröffentlicht 02.03.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:25:14

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine (NAE) in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, ...