Airwave Security Vulnerabilities and Issues — Airwave CVE List

Lucene search

ArubanetworksAirwave

24 matches found

CVE•added 2021/03/05 5:15 p.m.•60 views

CVE-2021-26965

A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Multiple vulnerabilities in the API of AirWave could allow an authenticated remote attacker to conduct SQL injection attacks against the AirWave instance. An attacke...

6.5CVSS6.6AI score0.00227EPSS

CVE•added 2021/03/05 4:15 p.m.•56 views

CVE-2021-26962

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave CLI could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could ...

9CVSS7.3AI score0.03628EPSS

CVE•added 2021/03/05 5:15 p.m.•56 views

CVE-2021-26964

A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an authenticated remote attacker to improperly access and modify devices and manageme...

7.1CVSS7.1AI score0.0009EPSS

CVE•added 2021/03/05 5:15 p.m.•56 views

CVE-2021-26967

A remote reflected cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow a remote attacker to conduct a reflected cross-site scripting (XSS) attack agai...

6.1CVSS5.9AI score0.00301EPSS

CVE•added 2021/03/05 5:15 p.m.•53 views

CVE-2021-26963

9CVSS7.3AI score0.03628EPSS

CVE•added 2021/04/28 7:15 p.m.•51 views

CVE-2021-25151

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

9CVSS8.6AI score0.05679EPSS

CVE•added 2021/04/28 8:15 p.m.•49 views

CVE-2021-25152

9CVSS7AI score0.00981EPSS

CVE•added 2021/03/05 5:15 p.m.•48 views

CVE-2021-26966

6.5CVSS6.6AI score0.00257EPSS

CVE•added 2021/03/05 5:15 p.m.•48 views

CVE-2021-26970

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A...

6.5CVSS6.5AI score0.01105EPSS

CVE•added 2021/04/28 7:15 p.m.•45 views

CVE-2021-25154

A remote escalation of privilege vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

7.5CVSS7.8AI score0.00758EPSS

CVE•added 2021/04/28 8:15 p.m.•45 views

CVE-2021-25165

A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

8.1CVSS8AI score0.00938EPSS

CVE•added 2021/03/05 5:15 p.m.•43 views

CVE-2021-26968

A remote authenticated stored cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the web-based management interface of AirWave could allow an authenticated remote attacker to conduct a stored cross-site scri...

4.8CVSS4.8AI score0.00211EPSS

CVE•added 2021/03/05 5:15 p.m.•43 views

CVE-2021-26969

A remote authenticated authenticated xml external entity (xxe) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Due to improper restrictions on XML entities a vulnerability exists in the web-based management interface of AirWave. A successful exploit ...

6.5CVSS6.2AI score0.00857EPSS

CVE•added 2021/08/26 8:15 p.m.•43 views

CVE-2021-37715

A remote cross-site scripting (XSS) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.13.0. Aruba has released upgrades for the Aruba AirWave Management Platform that address this security vulnerability.

4.8CVSS4.9AI score0.0041EPSS

CVE•added 2021/04/28 8:15 p.m.•41 views

CVE-2021-25164

6.5CVSS6.5AI score0.01123EPSS

CVE•added 2021/03/05 5:15 p.m.•41 views

CVE-2021-26971

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A...

6.5CVSS6.5AI score0.01105EPSS

CVE•added 2021/04/28 7:15 p.m.•40 views

CVE-2021-25153

A remote SQL injection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

8.1CVSS8.3AI score0.0021EPSS

CVE•added 2021/03/05 4:15 p.m.•39 views

CVE-2021-26960

A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. A vulnerability in the AirWave web-based management interface could allow an unauthenticated remote attacker to conduct a CSRF attack against a...

8.8CVSS8.7AI score0.00314EPSS

CVE•added 2021/04/29 12:15 p.m.•39 views

CVE-2021-29137

A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

6.1CVSS6.3AI score0.00206EPSS

CVE•added 2021/03/05 4:15 p.m.•36 views

CVE-2021-26961

8.8CVSS8.7AI score0.00314EPSS

CVE•added 2021/04/29 11:15 a.m.•35 views

CVE-2021-25166

A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

8.8CVSS8.5AI score0.00965EPSS

CVE•added 2021/04/28 3:15 p.m.•34 views

CVE-2021-25147

A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

8.1CVSS8.2AI score0.00125EPSS

CVE•added 2021/04/29 11:15 a.m.•34 views

CVE-2021-25167

8.8CVSS8.5AI score0.00965EPSS

CVE•added 2021/04/29 11:15 a.m.•32 views

CVE-2021-25163

8.1CVSS8AI score0.00938EPSS