Vulnerabilities > Arubanetworks > Airwave > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-28 | CVE-2021-25154 | Unspecified vulnerability in Arubanetworks Airwave A remote escalation of privilege vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 7.5 |
| 2021-04-28 | CVE-2021-25153 | SQL Injection vulnerability in Arubanetworks Airwave A remote SQL injection vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 8.1 |
| 2021-04-28 | CVE-2021-25151 | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 8.8 |
| 2021-04-28 | CVE-2021-25147 | Improper Authentication vulnerability in Arubanetworks Airwave A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. | 8.1 |
| 2021-03-05 | CVE-2021-26964 | Incorrect Authorization vulnerability in Arubanetworks Airwave A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 7.1 |
| 2021-03-05 | CVE-2021-26963 | Unspecified vulnerability in Arubanetworks Airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 7.2 |
| 2021-03-05 | CVE-2021-26962 | OS Command Injection vulnerability in Arubanetworks Airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 7.2 |
| 2021-03-05 | CVE-2021-26961 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 8.8 |
| 2021-03-05 | CVE-2021-26960 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 8.8 |
| 2020-02-27 | CVE-2019-5326 | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. | 7.2 |