Описание
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0. Aruba has released patches for ArubaOS that address this security vulnerability.
Ссылки
- MitigationVendor Advisory
- Vendor Advisory
- MitigationVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.1.3.7 (включая) до 6.5.4.20 (включая)Версия от 8.0.0.0 (включая) до 8.8.0.0 (исключая)
Одно из
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
cpe:2.3:o:arubanetworks:arubaos:*:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:siemens:scalance_w1750d_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:scalance_w1750d:-:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00155
Низкий
6.5 Medium
CVSS3
7.1 High
CVSS2
Дефекты
CWE-352
Связанные уязвимости
github
больше 3 лет назад
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba Operating System Software version(s): 6.x.x.x: all versions, 8.x.x.x: all versions prior to 8.8.0.0. Aruba has released patches for ArubaOS that address this security vulnerability.
EPSS
Процентиль: 37%
0.00155
Низкий
6.5 Medium
CVSS3
7.1 High
CVSS2
Дефекты
CWE-352