Arubanetworks Security Vulnerabilities (CVEs)
Track 159 security vulnerabilities affecting Arubanetworks products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
This CVE describes authenticated command injection vulnerabilities in HPE Aruba Networking products that allow attackers with CLI access to execute ar...
May 14, 2024Unauthenticated attackers can cause Denial of Service (DoS) in Aruba Central Communications service via PAPI protocol, disrupting normal operations. T...
May 14, 2024This critical vulnerability in Aruba access points allows unauthenticated attackers to execute arbitrary commands with root privileges by sending mali...
May 14, 2024This vulnerability allows attackers to delete arbitrary files on Aruba Access Points through the Central Communications service via PAPI. Successful e...
May 14, 2024CVE-2024-31469 is a critical buffer overflow vulnerability in Aruba's Central Communications service that allows unauthenticated attackers to execute ...
May 14, 2024CVE-2024-31471 is a critical command injection vulnerability in Aruba's Central Communications service that allows unauthenticated attackers to execut...
May 14, 2024This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
May 14, 2024CVE-2024-31466 is a critical buffer overflow vulnerability in Aruba's Access Point management protocol (PAPI) that allows unauthenticated attackers to...
May 14, 2024An unauthenticated Denial of Service (DoS) vulnerability exists in the Auth service accessed via the PAPI protocol in ArubaOS. This allows attackers t...
May 1, 2024An unauthenticated Denial-of-Service vulnerability in Aruba's Radio Frequency Manager service allows attackers to disrupt service operation via the PA...
May 1, 2024Unauthenticated attackers can cause Denial-of-Service (DoS) in Aruba's AP Management service via the PAPI protocol, disrupting network operations. Thi...
May 1, 2024Authenticated command injection vulnerabilities in ArubaOS CLI allow attackers with valid credentials to execute arbitrary commands as privileged user...
Mar 5, 2024Authenticated command injection vulnerabilities in ArubaOS CLI allow attackers with valid credentials to execute arbitrary commands as privileged user...
Mar 5, 2024This vulnerability in ClearPass Policy Manager allows authenticated remote attackers to execute arbitrary commands as root on the underlying operating...
Feb 27, 2024This vulnerability in Aruba ClearPass Policy Manager allows authenticated remote users to execute arbitrary commands on the underlying host with root ...
Feb 27, 2024This vulnerability in Aruba ClearPass Policy Manager allows authenticated remote attackers to execute arbitrary commands as root on the underlying ope...
Feb 27, 2024An unauthenticated Denial-of-Service vulnerability in the soft AP daemon accessed via PAPI protocol allows attackers to disrupt affected access points...
Nov 14, 2023Unauthenticated attackers can cause denial-of-service conditions in Aruba access points by exploiting vulnerabilities in the CLI service accessed via ...
Nov 14, 2023Unauthenticated attackers can exploit vulnerabilities in the BLE daemon service via the PAPI protocol to cause Denial-of-Service (DoS) on affected Aru...
Nov 14, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
Nov 14, 2023This CVE describes a critical buffer overflow vulnerability in Aruba's AirWave client service that allows unauthenticated attackers to execute arbitra...
Nov 14, 2023This vulnerability in Aruba's AirWave client service allows attackers to delete arbitrary files on the operating system via the PAPI protocol. This co...
Nov 14, 2023This SQL injection vulnerability in ClearPass Policy Manager's web management interface allows authenticated attackers to execute arbitrary SQL comman...
Oct 25, 2023This vulnerability allows attackers to execute arbitrary code during the early boot sequence of Aruba 9200 and 9000 Series Controllers and Gateways. S...
Sep 6, 2023This vulnerability allows attackers to bypass secure boot protections on Aruba 9200 and 9000 Series Controllers and Gateways, enabling execution of ar...
Sep 6, 2023This vulnerability allows administrative users of Aruba AirWave management systems to escalate their privileges to root on the underlying operating sy...
Sep 5, 2023EdgeConnect SD-WAN Orchestrator instances use shared static SSH host keys across all installations, allowing attackers to spoof legitimate Orchestrato...
Aug 22, 2023This vulnerability allows authenticated remote users to execute arbitrary commands as root on EdgeConnect SD-WAN Orchestrator systems through the web ...
Aug 22, 2023This stored XSS vulnerability in EdgeConnect SD-WAN Orchestrator allows authenticated attackers to inject malicious scripts into the web interface. Wh...
Aug 22, 2023This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on EdgeConnect SD-WAN Orchestrator systems if certain precond...
Aug 22, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
Jul 25, 2023This critical vulnerability allows unauthenticated attackers to execute arbitrary code with privileged access on Aruba access points by sending specia...
Jul 25, 2023This stored cross-site scripting vulnerability in ArubaOS web management interface allows unauthenticated attackers to inject malicious scripts that e...
Jul 5, 2023Authenticated command injection vulnerabilities in ArubaOS CLI allow attackers with valid credentials to execute arbitrary commands as privileged user...
Jul 5, 2023This vulnerability allows remote authenticated users to execute arbitrary commands as root on Aruba EdgeConnect Enterprise appliances through the comm...
May 16, 2023This vulnerability in Aruba EdgeConnect Enterprise's command line interface allows remote authenticated users to execute arbitrary commands as root on...
May 16, 2023This vulnerability allows remote authenticated users to execute arbitrary commands as root on Aruba EdgeConnect Enterprise devices through the command...
May 16, 2023An unauthenticated Denial of Service vulnerability in Aruba's PAPI protocol allows attackers to disrupt affected access points without credentials. Th...
May 8, 2023This CVE describes authenticated command injection vulnerabilities in Aruba InstantOS and ArubaOS 10 command line interfaces. Attackers with authentic...
May 8, 2023This vulnerability in ClearPass Policy Manager's web interface allows authenticated low-privilege users to access sensitive information. Attackers cou...
Mar 22, 2023This vulnerability allows remote attackers to execute reflected cross-site scripting (XSS) attacks against users of the ClearPass Policy Manager web i...
Mar 22, 2023An unauthenticated remote attacker can create arbitrary administrative users on ClearPass Policy Manager's web interface, leading to complete cluster ...
Mar 22, 2023This CVE describes an authenticated path traversal vulnerability in ArubaOS command line interface that allows authenticated attackers to delete arbit...
Mar 1, 2023This CVE describes buffer overflow vulnerabilities in Aruba networking devices that allow unauthenticated attackers to execute arbitrary code with pri...
Mar 1, 2023CVE-2023-22759 is an authenticated remote command injection vulnerability in ArubaOS web management interfaces. It allows authenticated attackers to e...
Mar 1, 2023CVE-2023-22761 allows authenticated attackers to execute arbitrary commands as privileged users on ArubaOS devices through the web management interfac...
Mar 1, 2023This CVE describes authenticated command injection vulnerabilities in ArubaOS command line interface that allow attackers to execute arbitrary command...
Mar 1, 2023Authenticated command injection vulnerabilities in ArubaOS CLI allow attackers with valid credentials to execute arbitrary commands as privileged user...
Mar 1, 2023CVE-2023-22767 allows authenticated attackers to execute arbitrary commands with privileged access on ArubaOS devices through command injection in the...
Mar 1, 2023This CVE describes authenticated command injection vulnerabilities in ArubaOS command line interface. Attackers with valid credentials can execute arb...
Mar 1, 2023Why Monitor Arubanetworks Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 159+ known vulnerabilities affecting Arubanetworks products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Arubanetworks packages in under 60 seconds. No agents required - completely agentless scanning that works across Arubanetworks deployments.
Free vulnerability database: Access detailed information about every Arubanetworks CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Arubanetworks CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
