Vulnerabilities > Arubanetworks > Airwave > 7.7.8

DATE CVE VULNERABILITY TITLE RISK
2023-10-17 CVE-2023-4896 Unspecified vulnerability in Arubanetworks Airwave
A vulnerability exists which allows an authenticated attacker to access sensitive information on the AirWave Management Platform web-based management interface.
network
low complexity
arubanetworks
6.5
2023-09-05 CVE-2015-2201 OS Command Injection vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
network
low complexity
hp arubanetworks CWE-78
7.2
2023-09-05 CVE-2015-2202 Improper Input Validation vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
network
low complexity
hp arubanetworks CWE-20
7.2
2022-12-08 CVE-2022-37916 Unspecified vulnerability in Arubanetworks Airwave
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls.
network
low complexity
arubanetworks
8.1
2022-12-08 CVE-2022-37917 Unspecified vulnerability in Arubanetworks Airwave
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls.
network
low complexity
arubanetworks
8.1
2022-12-08 CVE-2022-37918 Unspecified vulnerability in Arubanetworks Airwave
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls.
network
low complexity
arubanetworks
8.1
2021-08-26 CVE-2021-37715 Cross-site Scripting vulnerability in Arubanetworks Airwave
A remote cross-site scripting (XSS) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.13.0.
3.5
2021-04-29 CVE-2021-29137 Open Redirect vulnerability in Arubanetworks Airwave
A remote URL redirection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
5.8
2021-04-29 CVE-2021-25167 OS Command Injection vulnerability in Arubanetworks Airwave
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-78
6.5
2021-04-29 CVE-2021-25166 Command Injection vulnerability in Arubanetworks Airwave
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-77
6.5