Edgeconnect Enterprise Aruba Networks Edgeconnect Enterprise

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Aruba Networks Edgeconnect Enterprise.

By the Year

In 2025 there have been 0 vulnerabilities in Aruba Networks Edgeconnect Enterprise. Edgeconnect Enterprise did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2025 0 0.00
2024 0 0.00
2023 10 7.66
2022 13 7.02
2021 0 0.00
2020 2 6.80
2019 0 0.00
2018 0 0.00

It may take a day or so for new Edgeconnect Enterprise vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Aruba Networks Edgeconnect Enterprise Security Vulnerabilities

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30501 8.8 - High - May 16, 2023

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30502 8.8 - High - May 16, 2023

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30503 8.8 - High - May 16, 2023

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30504 8.8 - High - May 16, 2023

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30505 8.8 - High - May 16, 2023

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30506 8.8 - High - May 16, 2023

Vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface that allow remote authenticated users to run arbitrary commands on the underlying host. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30507 6.5 - Medium - May 16, 2023

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.

Directory traversal

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30508 6.5 - Medium - May 16, 2023

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.

Directory traversal

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface

CVE-2023-30509 6.5 - Medium - May 16, 2023

Multiple authenticated path traversal vulnerabilities exist in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of these vulnerabilities result in the ability to read arbitrary files on the underlying operating system, including sensitive system files.

Directory traversal

A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface

CVE-2023-30510 4.3 - Medium - May 16, 2023

A vulnerability exists in the Aruba EdgeConnect Enterprise web management interface that allows remote authenticated users to issue arbitrary URL requests from the Aruba EdgeConnect Enterprise instance. The impact of this vulnerability is limited to a subset of URLs which can result in the possible disclosure of data due to the network position of the Aruba EdgeConnect Enterprise instance.

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-37923 7.2 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface

CVE-2022-43518 6.5 - Medium - December 12, 2022

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise web interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

Directory traversal

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-43541 7.2 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-43542 8.8 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-44532 6.5 - Medium - December 12, 2022

An authenticated path traversal vulnerability exists in the Aruba EdgeConnect Enterprise command line interface. Successful exploitation of this vulnerability results in the ability to read arbitrary files on the underlying operating system, including sensitive system files in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

Directory traversal

A vulnerability in the Aruba EdgeConnect Enterprise web management interface

CVE-2022-44533 7.2 - High - December 12, 2022

A vulnerability in the Aruba EdgeConnect Enterprise web management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

A vulnerability exists in the API of Aruba EdgeConnect Enterprise

CVE-2022-37919 7.5 - High - December 12, 2022

A vulnerability exists in the API of Aruba EdgeConnect Enterprise. An unauthenticated attacker can exploit this condition via the web-based management interface to create a denial-of-service condition which prevents the appliance from properly responding to API requests in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below;

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-37920 7.2 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could

CVE-2022-37925 6.1 - Medium - December 12, 2022

A vulnerability within the web-based management interface of Aruba EdgeConnect Enterprise could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

XSS

A vulnerability within the web-based management interface of EdgeConnect Enterprise could

CVE-2022-37926 5.4 - Medium - December 12, 2022

A vulnerability within the web-based management interface of EdgeConnect Enterprise could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface by uploading a specially crafted file. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

XSS

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-37921 7.2 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-37922 7.2 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface

CVE-2022-37924 7.2 - High - December 12, 2022

Vulnerabilities in the Aruba EdgeConnect Enterprise command line interface allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise in Aruba EdgeConnect Enterprise Software version(s): ECOS 9.2.1.0 and below; ECOS 9.1.3.0 and below; ECOS 9.0.7.0 and below; ECOS 8.3.7.1 and below.

The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command

CVE-2020-12149 6.8 - Medium - December 11, 2020

The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.

Shell injection

A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could

CVE-2020-12148 6.8 - Medium - December 11, 2020

A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish an interactive channel, effectively taking control of the target system. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to : 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.

Shell injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Aruba Networks Edgeconnect Enterprise or by Aruba Networks? Click the Watch button to subscribe.

subscribe