EdgeConnect Enterprise
by Aruba
CVEs (19)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-44535 | 0.00 | — | 0.01 | Jan 3, 2023 | A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote low-privileged authenticated users to escalate their privileges to those of an administrative user. A successful exploit could allow an attacker to achieve… | |||
| CVE-2022-44534 | 0.00 | — | 0.01 | Jan 3, 2023 | A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the… | |||
| CVE-2022-43529 | 0.00 | — | 0.00 | Jan 3, 2023 | A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an remote attacker to persist a session after a password reset or similar session clearing event. Successful exploitation of this vulnerability could allow an… | |||
| CVE-2022-43528 | 0.00 | — | 0.00 | Jan 3, 2023 | Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code. Successful exploitation allows an attacker to login using only a username and password and successfully bypass MFA requirements… | |||
| CVE-2022-43527 | 0.00 | — | 0.00 | Jan 3, 2023 | Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to… | |||
| CVE-2022-43525 | 0.00 | — | 0.00 | Jan 3, 2023 | Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to… | |||
| CVE-2022-44533 | 0.00 | — | 0.01 | Nov 30, 2022 | A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-44532 | 0.00 | — | 0.00 | Nov 30, 2022 | An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in… | |||
| CVE-2022-43542 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-43541 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-43518 | 0.00 | — | 0.00 | Nov 30, 2022 | An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba… | |||
| CVE-2022-37926 | 0.00 | — | 0.00 | Nov 30, 2022 | A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface by uploading a specially crafted file. A successful exploit could allow an… | |||
| CVE-2022-37925 | 0.00 | — | 0.00 | Nov 30, 2022 | A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary… | |||
| CVE-2022-37924 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-37923 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-37922 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-37921 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-37920 | 0.00 | — | 0.01 | Nov 30, 2022 | Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system… | |||
| CVE-2022-37919 | 0.00 | — | 0.01 | Nov 30, 2022 | A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition which prevents the appliance from properly responding to API requests in Aruba… |
- CVE-2022-44535Jan 3, 2023risk 0.00cvss —epss 0.01
A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote low-privileged authenticated users to escalate their privileges to those of an administrative user. A successful exploit could allow an attacker to achieve…
- CVE-2022-44534Jan 3, 2023risk 0.00cvss —epss 0.01
A vulnerability in the Aruba EdgeConnect Enterprise Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the…
- CVE-2022-43529Jan 3, 2023risk 0.00cvss —epss 0.00
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an remote attacker to persist a session after a password reset or similar session clearing event. Successful exploitation of this vulnerability could allow an…
- CVE-2022-43528Jan 3, 2023risk 0.00cvss —epss 0.00
Under certain configurations, an attacker can login to Aruba EdgeConnect Enterprise Orchestrator without supplying a multi-factor authentication code. Successful exploitation allows an attacker to login using only a username and password and successfully bypass MFA requirements…
- CVE-2022-43527Jan 3, 2023risk 0.00cvss —epss 0.00
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to…
- CVE-2022-43525Jan 3, 2023risk 0.00cvss —epss 0.00
Multiple vulnerabilities within the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to…
- CVE-2022-44533Nov 30, 2022risk 0.00cvss —epss 0.01
A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-44532Nov 30, 2022risk 0.00cvss —epss 0.00
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in…
- CVE-2022-43542Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-43541Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-43518Nov 30, 2022risk 0.00cvss —epss 0.00
An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba…
- CVE-2022-37926Nov 30, 2022risk 0.00cvss —epss 0.00
A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface by uploading a specially crafted file. A successful exploit could allow an…
- CVE-2022-37925Nov 30, 2022risk 0.00cvss —epss 0.00
A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary…
- CVE-2022-37924Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-37923Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-37922Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-37921Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-37920Nov 30, 2022risk 0.00cvss —epss 0.01
Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system…
- CVE-2022-37919Nov 30, 2022risk 0.00cvss —epss 0.01
A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition which prevents the appliance from properly responding to API requests in Aruba…