Every CVE whose affected-product data names Hp Instantos, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (56)
CVE-2024-31468 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code…
CVE-2024-31467 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending…
CVE-2024-31466 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending…
CVE-2023-22782 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-22783 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-22784 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-22785 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-22786 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2024-42395 — CVSS 9.8 (critical): There is a vulnerability in the AP Certificate Management Service which could allow a threat actor to execute an unauthenticated RCE…
CVE-2024-42394 — CVSS 9.8 (critical): There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack…
CVE-2024-42393 — CVSS 9.8 (critical): There are vulnerabilities in the Soft AP Daemon Service which could allow a threat actor to execute an unauthenticated RCE attack…
CVE-2024-31473 — CVSS 9.8 (critical): There is a command injection vulnerability in the underlying deauthentication service that could lead to unauthenticated remote code…
CVE-2024-31472 — CVSS 9.8 (critical): There are command injection vulnerabilities in the underlying Soft AP Daemon service that could lead to unauthenticated remote code…
CVE-2023-35980 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-35981 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-35982 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-45614 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending…
CVE-2023-45615 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in the underlying CLI service that could lead to unauthenticated remote code execution by sending…
CVE-2023-45616 — CVSS 9.8 (critical): There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution…
CVE-2023-22780 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-22781 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2023-22779 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by…
CVE-2024-31471 — CVSS 9.8 (critical): There is a command injection vulnerability in the underlying Central Communications service that could lead to unauthenticated remote code…
CVE-2024-31470 — CVSS 9.8 (critical): There is a buffer overflow vulnerability in the underlying SAE (Simultaneous Authentication of Equals) service that could lead to…
CVE-2024-31469 — CVSS 9.8 (critical): There are buffer overflow vulnerabilities in the underlying Central Communications service that could lead to unauthenticated remote code…
CVE-2023-45619 — CVSS 8.2 (high): There is an arbitrary file deletion vulnerability in the RSSI service accessed by PAPI (Aruba's access point management protocol)…
CVE-2023-45617 — CVSS 8.2 (high): There are arbitrary file deletion vulnerabilities in the CLI service accessed by PAPI (Aruba's access point management protocol)…
CVE-2023-45618 — CVSS 8.2 (high): There are arbitrary file deletion vulnerabilities in the AirWave client service accessed by PAPI (Aruba's access point management…
CVE-2024-31474 — CVSS 8.2 (high): There is an arbitrary file deletion vulnerability in the CLI service accessed by PAPI (Aruba's Access Point management protocol)…
CVE-2024-31475 — CVSS 8.2 (high): There is an arbitrary file deletion vulnerability in the Central Communications service accessed by PAPI (Aruba's access point management…
CVE-2023-22787 — CVSS 7.5 (high): An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and…
CVE-2023-45622 — CVSS 7.5 (high): Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the BLE daemon service accessed via the PAPI protocol. Successful…
CVE-2023-45624 — CVSS 7.5 (high): An unauthenticated Denial-of-Service (DoS) vulnerability exists in the soft ap daemon accessed via the PAPI protocol. Successful…
CVE-2023-45623 — CVSS 7.5 (high): Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Wi-Fi Uplink service accessed via the PAPI protocol. Successful…
CVE-2023-45620 — CVSS 7.5 (high): Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of…
CVE-2023-45621 — CVSS 7.5 (high): Unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of…
CVE-2023-45625 — CVSS 7.2 (high): Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these…
CVE-2023-22789 — CVSS 7.2 (high): Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful…
CVE-2023-22788 — CVSS 7.2 (high): Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful…
CVE-2023-22790 — CVSS 7.2 (high): Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful…
CVE-2024-31476 — CVSS 7.2 (high): Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these…
CVE-2024-31477 — CVSS 7.2 (high): Multiple authenticated command injection vulnerabilities exist in the command line interface. Successful exploitation of these…
CVE-2023-45626 — CVSS 5.5 (medium): An authenticated vulnerability has been identified allowing an attacker to effectively establish highly privileged persistent arbitrary…
CVE-2023-22791 — CVSS 5.4 (medium): A vulnerability exists in Aruba InstantOS and ArubaOS 10 where an edge-case combination of network configuration, a specific WLAN…
CVE-2024-31479 — CVSS 5.3 (medium): Unauthenticated Denial of Service (DoS) vulnerabilities exist in the Central Communications service accessed via the PAPI protocol…
CVE-2024-42399 — CVSS 5.3 (medium): Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful…
CVE-2024-42400 — CVSS 5.3 (medium): Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful…
CVE-2024-31478 — CVSS 5.3 (medium): Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exists in the Soft AP daemon accessed via the PAPI protocol. Successful…
CVE-2024-31480 — CVSS 5.3 (medium): Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of…
CVE-2024-31481 — CVSS 5.3 (medium): Unauthenticated Denial of Service (DoS) vulnerabilities exist in the CLI service accessed via the PAPI protocol. Successful exploitation of…
CVE-2024-31482 — CVSS 5.3 (medium): An unauthenticated Denial-of-Service (DoS) vulnerability exists in the ANSI escape code service accessed via the PAPI protocol. Successful…
CVE-2024-42396 — CVSS 5.3 (medium): Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI…
CVE-2024-42397 — CVSS 5.3 (medium): Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the AP Certificate Management daemon accessed via the PAPI…
CVE-2024-42398 — CVSS 5.3 (medium): Multiple unauthenticated Denial-of-Service (DoS) vulnerabilities exist in the Soft AP daemon accessed via the PAPI protocol. Successful…
CVE-2024-31483 — CVSS 4.9 (medium): An authenticated sensitive information disclosure vulnerability exists in the CLI service accessed via the PAPI protocol. Successful…
CVE-2023-45627 — CVSS 4.3 (medium): An authenticated Denial-of-Service (DoS) vulnerability exists in the CLI service. Successful exploitation of this vulnerability results in…