CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

hpe

arubaos-switch

3 known vulnerabilities · sorted by CVSS score

CVE-2023-39266

HIGH8.3

A vulnerability in the ArubaOS-Switch web management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface provided certain configuration options are present. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

hpe / arubaos-switch+4

Network

Published Aug 29, 2023

CVE-2023-39267

MEDIUM6.6

An authenticated remote code execution vulnerability exists in the command line interface in ArubaOS-Switch. Successful exploitation results in a Denial-of-Service (DoS) condition in the switch.

hpe / arubaos-switch+4

Network

Published Aug 29, 2023

CVE-2023-39268

MEDIUM4.5

A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.

hpe / arubaos-switch+4

Network

Published Aug 29, 2023