Vulnerability Details CVE-2019-5320
Aruba Intelligent Edge Switch Series 2540, 2530, 2930F, 2930M, 2920, 5400R, and 3810M with firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007, 16.10.* before 16.10.0003 are vulnerable to Cross Site Scripting in the web UI, leading to injection of code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2019-5320
-
cpe:2.3:h:arubanetworks:2530:-
-
cpe:2.3:h:arubanetworks:2540:-
-
cpe:2.3:h:arubanetworks:2920:-
-
cpe:2.3:h:arubanetworks:2930:-
-
cpe:2.3:h:arubanetworks:3810:-
-
cpe:2.3:h:arubanetworks:5400r:-
-
cpe:2.3:o:arubanetworks:2530_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2530_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2530_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2540_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2540_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2540_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2920_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2920_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2920_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:2930_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:2930_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:2930_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:3810_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:3810_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:3810_firmware:16.10.0
-
cpe:2.3:o:arubanetworks:5400r_firmware:16.08.0
-
cpe:2.3:o:arubanetworks:5400r_firmware:16.09.0
-
cpe:2.3:o:arubanetworks:5400r_firmware:16.10.0