485 matches found
EUVD-2016-9374
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities XXE. XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attac...
CVE-2016-8526
Aruba AirWave is affected by CVE-2016-8526 (XXE) in all versions up to 8.2.3.1. The vulnerability arises from an XML External Entity injection that allows an XML processor with access to the local filesystem (running with web server permissions) to read files and potentially exfiltrate password-c...
CVE-2016-8527
Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting XSS. The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-in AirWave administrative user into clicking ...
CVE-2017-8946
A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...
CVE-2017-8946
A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...
Remote code execution
A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...
CVE-2017-8946
A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was found...
CVE-2017-8946
The CVE-2017-8946 entry identifies a Remote Code Execution vulnerability in the HPE Aruba AirWave Glass software, affecting versions v1.0.0 and v1.0.1 . Public descriptions indicate a vulnerability exists in AirWave Glass that could allow an attacker to execute arbitrary code remotely, but the pr...
HPE Aruba Airwave Software Glass Remote Code Execution Vulnerability
The AirWave network management platform provides visibility into wired and wireless networks to support mobile devices and applications. AirWave gives IT staff the information they need to support the digital workplace by proactively monitoring the status and performance of all connections. A...
Aruba AirWave Management Platform XML External Entity Injection Vulnerability
Aruba AirWave is Aruba's suite of network management software for multi-vendor management systems that provides end-to-end monitoring capabilities to improve network operations and manage RF security, as well as real-time monitoring and proactive alerting and reporting. AirWave Management Platfor...
Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting
Aruba AirWave 8.2.3 - XML External Entity Injection Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerab...
Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting Vulnerabilities
Exploit for hardware platform in category web applications title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerable version: =8.2.3 fixed version: 8.2.3.1 CVE number: CVE-2016-8526, CVE-2016-8527 impact: high homepage: http://www.arubanetworks.com...
Aruba AirWave 8.2.3 XXE Injection / Cross Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerable version: =8.2.3 fixed version: 8.2.3.1 CVE number: CVE-2016-8526,...
Aruba AirWave 8.2.3 - XML External Entity Injection / Cross-Site Scripting
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: XML External Entity Injection XXE, Reflected Cross Site Scripting product: Aruba AirWave vulnerable version: =8.2.3 fixed version: 8.2.3.1 CVE number: CVE-2016-8526,...
Aruba Networks ArubaOS/AirWave Management Platform and Instant Security Bypass Vulnerability
Aruba Networks ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches; AirWave ArubaOS is an operating system for Aruba Mobility-Defined Networks including Mobility Controllers and Mobility Access Switches; AirWave Management...
Aruba Networks ArubaO/AirWave Management Platform and Instant Security Bypass Vulnerability
ArubaOS is an operating system for Aruba Mobility-Defined Networks; AirWave Management Platform is a wireless network management software. A security vulnerability exists in Aruba Networks ArubaOS, AMP, and Aruba Instant that could be exploited by remote attackers to bypass security restrictions,...
Multiple vulnerabilities fixed in Aruba networks products
Multiple vulnerabilities have been discovered in various Aruba Networks products including Instant and ArubaOS access points, the Airwave management platform and the PAPI protocol that these systems mutually use. Some vulnerabilities have been fixed, others will be fixed in a future update, and f...
Aruba Authentication Bypass / Insecure Transport / Tons Of Issues
Aruba ArubaOS/Aruba Instant/AirWave Management - Multiple Vulnerabilities ------------------------------------------------------------------------- Introduction ============ Multiple vulnerabilities were identified in Aruba AP, IAP and AMP devices. The Vulnerabilities were discovered during a bla...
CVE-2014-8368
The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors...
CVE-2014-8368
The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors...