Vulnerabilities > Arubanetworks > Airwave > 8.0.9

DATE CVE VULNERABILITY TITLE RISK
2021-03-05 CVE-2021-26967 Cross-site Scripting vulnerability in Arubanetworks Airwave
A remote reflected cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-79
6.1
6.1
2021-03-05 CVE-2021-26966 SQL Injection vulnerability in Arubanetworks Airwave
A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2021-03-05 CVE-2021-26965 SQL Injection vulnerability in Arubanetworks Airwave
A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-89
6.5
6.5
2021-03-05 CVE-2021-26964 Incorrect Authorization vulnerability in Arubanetworks Airwave
A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-863
7.1
7.1
2021-03-05 CVE-2021-26963 Unspecified vulnerability in Arubanetworks Airwave
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks
7.2
7.2
2021-03-05 CVE-2021-26962 OS Command Injection vulnerability in Arubanetworks Airwave
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-78
7.2
7.2
2021-03-05 CVE-2021-26961 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave
A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-352
8.8
8.8
2021-03-05 CVE-2021-26960 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave
A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-352
8.8
8.8
2020-02-27 CVE-2019-5326 Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform.
network
low complexity
arubanetworks CWE-502
7.2
7.2
2020-02-27 CVE-2019-5323 Command Injection vulnerability in Arubanetworks Airwave
There are command injection vulnerabilities present in the AirWave application.
network
low complexity
arubanetworks CWE-77
7.2
7.2