CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25163
https://notcve.org/view.php?id=CVE-2021-25163
29 Apr 2021 — A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de tipo XML external entity remota en Aruba AirWave Management Platform versiones anteriores a 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25165
https://notcve.org/view.php?id=CVE-2021-25165
28 Apr 2021 — A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de tipo XML external entity remota en Aruba AirWave Management Platform versiones anteriores a la 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2021-25164
https://notcve.org/view.php?id=CVE-2021-25164
28 Apr 2021 — A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de entidad externa XML remota en Aruba AirWave Management Platform versiones anteriores a la 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.0EPSS: 1%CPEs: 1EXPL: 0CVE-2021-25152
https://notcve.org/view.php?id=CVE-2021-25152
28 Apr 2021 — A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de deserialización no segura remota en Aruba AirWave Management Platform versiones anteriores a la 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25153
https://notcve.org/view.php?id=CVE-2021-25153
28 Apr 2021 — A remote SQL injection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de inyección SQL remota en Aruba AirWave Management Platform versiones anteriores a 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25154
https://notcve.org/view.php?id=CVE-2021-25154
28 Apr 2021 — A remote escalation of privilege vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de escalada de privilegios remota en Aruba AirWave Management Platform versiones anteriores a 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt •
CVSS: 9.0EPSS: 5%CPEs: 1EXPL: 0CVE-2021-25151
https://notcve.org/view.php?id=CVE-2021-25151
28 Apr 2021 — A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de deserialización no segura remota en Aruba AirWave Management Platform versiones anteriores a la 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25147
https://notcve.org/view.php?id=CVE-2021-25147
28 Apr 2021 — A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability. Se detectó una vulnerabilidad de omisión de restricción de autenticación remota en Aruba AirWave Management Platform versiones anteriores a la 8.2.12.1. Aruba ha publicado parches para AirWave Management Platform que abordan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt • CWE-287: Improper Authentication •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 0CVE-2021-26971
https://notcve.org/view.php?id=CVE-2021-26971
05 Mar 2021 — A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Vulnerabilities in the AirWave web-base management interface could allow remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as a lower privileged user on the underlying operating system leading to partial system compromise. Se detectó una vulnerabilidad de ejecuc... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-005.txt •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-26969
https://notcve.org/view.php?id=CVE-2021-26969
05 Mar 2021 — A remote authenticated authenticated xml external entity (xxe) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. Due to improper restrictions on XML entities a vulnerability exists in the web-based management interface of AirWave. A successful exploit could allow an authenticated attacker to retrieve files from the local system or cause the application to consume system resources, resulting in a denial of service condition. Se detectó una vulnerabilidad de xml ... • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-005.txt • CWE-611: Improper Restriction of XML External Entity Reference •