CVE-2008-2272

Published May 16, 2008

Last updated 6 years ago

CVSS info 4.3

Overview

Description: Multiple cross-site scripting (XSS) vulnerabilities in the web interface in Aruba Mobility Controller 2.4.8.x-FIPS, 2.5.5.x, 2.5.6.x, 3.1.1.x, 3.2.0.x, and 3.3.1.x allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.3
Impact score: 2.9
Exploitability score: 8.6
Vector string: AV:N/AC:M/Au:N/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: CWE-79

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.4.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9370CBF-36C3-4FF9-85BB-2FC76F903904"
          },
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.4.8:*:fips:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F0D8A18D-85FB-4E55-91E6-3A61728610AD"
          },
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F024C347-E06C-49E5-89E7-BFD6E86625B2"
          },
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:2.5.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "09AEB099-80D8-46F9-ABAC-00CAAD2F0BE1"
          },
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:3.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "46097FBB-3FAD-42CB-A31F-93E4684DB536"
          },
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:3.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98FC75AA-54C5-46D5-B11B-E23F6B154214"
          },
          {
            "criteria": "cpe:2.3:a:aruba_networks:aruba_mobility_controller:3.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDE0E1C8-2329-4614-875B-B0955FA2B24A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References