Vulnerabilities > Arubanetworks > Airwave > High

DATE CVE VULNERABILITY TITLE RISK
2023-09-05 CVE-2015-2201 OS Command Injection vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.
network
low complexity
hp arubanetworks CWE-78
7.2
7.2
2023-09-05 CVE-2015-2202 Improper Input Validation vulnerability in multiple products
Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.
network
low complexity
hp arubanetworks CWE-20
7.2
7.2
2022-12-08 CVE-2022-37916 Unspecified vulnerability in Arubanetworks Airwave
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls.
network
low complexity
arubanetworks
8.1
8.1
2022-12-08 CVE-2022-37917 Unspecified vulnerability in Arubanetworks Airwave
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls.
network
low complexity
arubanetworks
8.1
8.1
2022-12-08 CVE-2022-37918 Unspecified vulnerability in Arubanetworks Airwave
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls.
network
low complexity
arubanetworks
8.1
8.1
2021-04-29 CVE-2021-25167 OS Command Injection vulnerability in Arubanetworks Airwave
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2021-04-29 CVE-2021-25166 OS Command Injection vulnerability in Arubanetworks Airwave
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-78
8.8
8.8
2021-04-29 CVE-2021-25163 XXE vulnerability in Arubanetworks Airwave
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-611
8.1
8.1
2021-04-28 CVE-2021-25165 XXE vulnerability in Arubanetworks Airwave
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-611
8.1
8.1
2021-04-28 CVE-2021-25152 Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave
A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1.
network
low complexity
arubanetworks CWE-502
7.2
7.2