CVE-2020-24638
https://notcve.org/view.php?id=CVE-2020-24638
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system. Son posibles múltiples ejecuciones de comandos remotos autenticados en Airwave Glass versiones anteriores a 1.3.3, por medio de la cli glassadmin. Estos permiten a un usuario privilegiado de glassadmin ejecutar código arbitrario como root en el sistema operativo host subyacente • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt •
CVE-2020-24641
https://notcve.org/view.php?id=CVE-2020-24641
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative access on the web administrative interface. En Aruba AirWave Glass versiones anteriores a 1.3.3, Se presenta una vulnerabilidad de tipo Server-Side Request Forgery por medio de un endpoint no autenticado que, si se explotaba con éxito, puede resultar en una divulgación de información confidencial. Esto puede ser usado para llevar a cabo una omisión de autenticación y, en última instancia, conseguir acceso administrativo en la interfaz web administrativa • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt • CWE-287: Improper Authentication CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2020-12148 – OS Command Injection - nslookup API
https://notcve.org/view.php?id=CVE-2020-12148
A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish an interactive channel, effectively taking control of the target system. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to : 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0. Un fallo de inyección de comandos identificada en la API nslookup en el software del dispositivo Silver Peak Unity ECOSTM (ECOS), podría permitir a un atacante ejecutar comandos arbitrarios con los privilegios del servidor web que se ejecuta en el dispositivo EdgeConnect. • https://www.silver-peak.com/support/user-documentation/security-advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-12149 – OS Command Injection - Management File Upload
https://notcve.org/view.php?id=CVE-2020-12149
The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0. Se detectó que la función backup/restore de la configuración en el software del dispositivo Silver Peak Unity ECOSTM (ECOS) incorpora directamente el nombre de archivo de configuración controlado por el usuario en un comando shell posterior, permitiendo a un atacante manipular el comando resultante al inyectar una entrada de comando válida del sistema operativo. Esta vulnerabilidad puede ser explotada por un atacante con acceso autenticado a la Interfaz de Usuario de Orchestrator o la Interfaz de Usuario de EdgeConnect. • https://www.silver-peak.com/support/user-documentation/security-advisories • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2020-24637
https://notcve.org/view.php?id=CVE-2020-24637
Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker to bypass secureboot. Successful exploitation of this vulnerability this could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. Dos vulnerabilidades en la implementación de ArubaOS GRUB2 permiten a un atacante omitir el arranque seguro. Una explotación con éxito de esta vulnerabilidad podría conllevar a un compromiso remoto de la integridad del sistema al permitir a un atacante cargar un kernel modificado o no confiable en Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers versiones: 2.1.0.1, 2.2.0.0 y anteriores; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 y por debajo; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 y por debajo • https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04072en_us •