cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-22444,https://securityvulnerability.io/vulnerability/CVE-2024-22444,Reflected Cross-Site Scripting Vulnerability in EdgeConnect SD-WAN Orchestrator Could Lead to Arbitrary Code Execution,A vulnerability within the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victims browser in the context of the affected interface.,HP,HP Aruba Networking Edgeconnect Sd-wan Orchestrator,6.1,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-07-24T15:17:18.394Z,0
CVE-2024-22443,https://securityvulnerability.io/vulnerability/CVE-2024-22443,Server-side Prototype Pollution Vulnerability Could Lead to System Compromise,"A vulnerability exists in the web-based management interface of the EdgeConnect SD-WAN Orchestrator, enabling authenticated remote attackers to carry out server-side prototype pollution attacks. Exploiting this flaw can lead to arbitrary command execution on the underlying operating system, potentially resulting in complete system takeover. Organizations using the affected product are urged to assess their exposure and implement necessary security measures to protect their systems.",HP,HP Aruba Networking Edgeconnect Sd-wan Orchestrator,8.8,HIGH,0.0005000000237487257,false,false,false,false,,false,false,2024-07-24T15:08:07.150Z,0
CVE-2024-41914,https://securityvulnerability.io/vulnerability/CVE-2024-41914,Stored Cross-Site Scripting (XSS) Vulnerability in EdgeConnect SD-WAN Orchestrator,"A vulnerability exists in the web-based management interface of HPE's EdgeConnect SD-WAN Orchestrator, which can be exploited by an authenticated remote attacker to initiate a stored cross-site scripting (XSS) attack. This flaw allows the execution of arbitrary script code in the browser of an administrative user interacting with the affected interface. The dynamic nature of the web-based interface may allow the attacker to store malicious scripts, which are then executed whenever an administrator accesses the compromised section. Proper security measures and updates are necessary to mitigate this potential risk.",HP,HP Aruba Networking Edgeconnect Sd-wan Orchestrator,9,CRITICAL,0.0005000000237487257,false,false,false,false,,false,false,2024-07-24T14:57:55.556Z,0