Lucene search
K
HpAirwave

6 matches found

CVE
CVE
added 2018/08/06 8:0 p.m.72 views

CVE-2016-8527

Aruba AirWave (VisualRF) before version 8.2.3.1 is affected by CVE-2016-8527, a reflected XSS vulnerability. An attacker can exploit a malicious link to trick a logged-in AirWave admin into clicking it, potentially leaking session cookies or passwords. Root cause is a reflected XSS in the VisualR...

6.1CVSS6AI score0.13164EPSS
CVE
CVE
added 2018/08/06 8:0 p.m.61 views

CVE-2016-8526

Aruba AirWave is affected by CVE-2016-8526 (XXE) in all versions up to 8.2.3.1. The vulnerability arises from an XML External Entity injection that allows an XML processor with access to the local filesystem (running with web server permissions) to read files and potentially exfiltrate password-c...

8.8CVSS7.1AI score0.09815EPSS
CVE
CVE
added 2023/09/05 12:0 a.m.53 views

CVE-2015-2202

Aruba AirWave is affected by CVE-2015-2202. Versions affected: Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7. The issue allows administrative users to escalate privileges to root on the underlying OS. The root cause is a privilege-escalation flaw within the AirWave software. Remediation: upg...

7.2CVSS7.1AI score0.00659EPSS
CVE
CVE
added 2023/09/05 12:0 a.m.40 views

CVE-2015-1390

Aruba AirWave before 8.0.7 is affected by a Cross-Site Scripting (XSS) vulnerability in the administrator-facing web interface. The root cause is described as a lack of protection for the web page structure, enabling a remote attacker to perform client-side script injections through the admin UI....

6.1CVSS6AI score0.00345EPSS
CVE
CVE
added 2023/09/05 12:0 a.m.40 views

CVE-2015-1391

CVE-2015-1391 affects Aruba AirWave versions prior to 8.0.7. The issue is a bypass of CSRF protection, enabling potential unauthorized actions within the affected interface. NVD notes a CVSS v3.1 base score of 8.8 (HIGH) with network attack vector, no privileges required, and user interaction req...

8.8CVSS8.6AI score0.00305EPSS
CVE
CVE
added 2023/09/05 12:0 a.m.40 views

CVE-2015-2201

Aruba AirWave contains a vulnerability in VisualRF that permits remote OS command execution and file disclosure by administrative users in affected releases. Affected versions are Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7. The issue is triggered through VisualRF components and could lead...

7.2CVSS7.1AI score0.0105EPSS