Lucene search
K

485 matches found

EUVD
EUVD
added 2018/08/06 8:0 p.m.6 views

EUVD-2016-9374

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities XXE. XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attac...

8.8CVSS7.2AI score0.09815EPSS
Exploits5References4
CVE
CVE
added 2018/08/06 8:0 p.m.61 views

CVE-2016-8526

Aruba AirWave is affected by CVE-2016-8526 (XXE) in all versions up to 8.2.3.1. The vulnerability arises from an XML External Entity injection that allows an XML processor with access to the local filesystem (running with web server permissions) to read files and potentially exfiltrate password-c...

8.8CVSS7.1AI score0.09815EPSS
Exploits5References3Affected Software1
Cvelist
Cvelist
added 2018/08/06 8:0 p.m.28 views

CVE-2016-8527

Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting XSS. The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-in AirWave administrative user into clicking ...

6.2AI score0.13164EPSS
Exploits5References3
OSV
OSV
added 2018/02/15 10:29 p.m.3 views

CVE-2017-8946

A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...

8.3CVSS5.9AI score0.10909EPSS
Exploits0References2
NVD
NVD
added 2018/02/15 10:29 p.m.7 views

CVE-2017-8946

A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...

8.3CVSS8.6AI score0.10909EPSS
Exploits0References2
Prion
Prion
added 2018/02/15 10:29 p.m.16 views

Remote code execution

A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...

7.6CVSS8.4AI score0.10909EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.13 views

CVE-2017-8946

A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...

8.6AI score0.10909EPSS
Exploits0References2
CVE
CVE
added 2018/02/15 10:0 p.m.42 views

CVE-2017-8946

The CVE-2017-8946 entry identifies a Remote Code Execution vulnerability in the HPE Aruba AirWave Glass software, affecting versions v1.0.0 and v1.0.1 . Public descriptions indicate a vulnerability exists in AirWave Glass that could allow an attacker to execute arbitrary code remotely, but the pr...

8.3CVSS8.4AI score0.10909EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/05/27 12:0 a.m.3 views

HPE Aruba Airwave Software Glass Remote Code Execution Vulnerability

The AirWave network management platform provides visibility into wired and wireless networks to support mobile devices and applications. AirWave gives IT staff the information they need to support the digital workplace by proactively monitoring the status and performance of all connections. A...

8.3CVSS8.4AI score0.10909EPSS
Exploits0References1
CNVD
CNVD
added 2017/03/02 12:0 a.m.5 views

Aruba AirWave Management Platform XML External Entity Injection Vulnerability

Aruba AirWave is Aruba's suite of network management software for multi-vendor management systems that provides end-to-end monitoring capabilities to improve network operations and manage RF security, as well as real-time monitoring and proactive alerting and reporting. AirWave Management Platfor...

8.8CVSS7.4AI score0.09815EPSS
Exploits5References1
exploitpack
exploitpack
added 2017/03/01 12:0 a.m.116 views

Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting

Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerab...

4.3CVSS0.7AI score0.13164EPSS
Exploits6
0day.today
0day.today
added 2017/03/01 12:0 a.m.77 views

Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting Vulnerabilities

Exploit for hardware platform in category web applications title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerable version: =8.2.3 fixed version: 8.2.3.1 CVE number: CVE-2016-8526, CVE-2016-8527 impact: high homepage: http://www.arubanetworks.com...

0.13164EPSS
Exploits6
Packet Storm
Packet Storm
added 2017/03/01 12:0 a.m.98 views

Aruba AirWave 8.2.3 XXE Injection / Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerable version: =8.2.3 fixed version: 8.2.3.1 CVE number: CVE-2016-8526,...

0.4AI score0.13164EPSS
Exploits6
Exploit DB
Exploit DB
added 2017/03/01 12:0 a.m.88 views

Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerable version: =8.2.3 fixed version: 8.2.3.1 CVE number: CVE-2016-8526,...

8.8CVSS6.6AI score0.13164EPSS
Exploits6
CNVD
CNVD
added 2016/07/18 12:0 a.m.10 views

Aruba Networks ArubaOS/AirWave Management Platform and Instant Security Bypass Vulnerability

Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches; AirWave ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches; AirWave Management...

9.8CVSS7.6AI score0.05123EPSS
Exploits2References1
CNVD
CNVD
added 2016/07/17 12:0 a.m.6 views

Aruba Networks ArubaO/AirWave Management Platform and Instant Security Bypass Vulnerability

ArubaOS is an operating system for Aruba Mobility-Defined Networks; AirWave Management Platform is a wireless network management software. A security vulnerability exists in Aruba Networks ArubaOS, AMP, and Aruba Instant that could be exploited by remote attackers to bypass security restrictions,...

7.5CVSS7.3AI score0.02684EPSS
Exploits2References1
NCSC
NCSC
added 2016/05/11 12:0 a.m.9 views

Multiple vulnerabilities fixed in Aruba networks products

Multiple vulnerabilities have been discovered in various Aruba Networks products including Instant and ArubaOS access points, the Airwave management platform and the PAPI protocol that these systems mutually use. Some vulnerabilities have been fixed, others will be fixed in a future update, and f...

9.8CVSS7.9AI score0.05123EPSS
Exploits3
Packet Storm
Packet Storm
added 2016/05/06 12:0 a.m.216 views

Aruba Authentication Bypass / Insecure Transport / Tons Of Issues

Aruba ArubaOS/Aruba Instant/AirWave Management - Multiple Vulnerabilities ------------------------------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices. The Vulnerabilities were discovered during a bla...

7.7CVSS0.2AI score0.05123EPSS
Exploits3
NVD
NVD
added 2014/11/25 3:59 p.m.16 views

CVE-2014-8368

The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors...

9CVSS7.4AI score0.0281EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2014/11/25 3:59 p.m.3 views

CVE-2014-8368

The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors...

9CVSS6AI score0.0281EPSS
Exploits0References4
Rows per page
Query Builder