CVE-2008-2272

EUVD-2008-2269
Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
aruba_networksaruba_mobility_controller
2.4.8
aruba_networksaruba_mobility_controller
2.4.8
aruba_networksaruba_mobility_controller
2.5.5
aruba_networksaruba_mobility_controller
2.5.6
aruba_networksaruba_mobility_controller
3.1.1
aruba_networksaruba_mobility_controller
3.2.0
aruba_networksaruba_mobility_controller
3.3.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/30262
http://www.arubanetworks.com/support/alerts/aid-051408.asc
http://www.securityfocus.com/archive/1/492113/100/0/threaded
http://www.securityfocus.com/bid/29240
http://www.securitytracker.com/id?1020033
https://exchange.xforce.ibmcloud.com/vulnerabilities/42433
http://secunia.com/advisories/30262
http://www.arubanetworks.com/support/alerts/aid-051408.asc
http://www.securityfocus.com/archive/1/492113/100/0/threaded
http://www.securityfocus.com/bid/29240
http://www.securitytracker.com/id?1020033
https://exchange.xforce.ibmcloud.com/vulnerabilities/42433