Vulnerabilities > Arubanetworks > Airwave > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-05 | CVE-2021-26971 | Unspecified vulnerability in Arubanetworks Airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 6.5 |
| 2021-03-05 | CVE-2021-26970 | Command Injection vulnerability in Arubanetworks Airwave A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 6.5 |
| 2021-03-05 | CVE-2021-26969 | XXE vulnerability in Arubanetworks Airwave A remote authenticated authenticated xml external entity (xxe) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 5.5 |
| 2021-03-05 | CVE-2021-26967 | Cross-site Scripting vulnerability in Arubanetworks Airwave A remote reflected cross-site scripting (xss) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 4.3 |
| 2021-03-05 | CVE-2021-26966 | SQL Injection vulnerability in Arubanetworks Airwave A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 5.5 |
| 2021-03-05 | CVE-2021-26965 | SQL Injection vulnerability in Arubanetworks Airwave A remote authenticated sql injection vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 5.5 |
| 2021-03-05 | CVE-2021-26964 | Incorrect Authorization vulnerability in Arubanetworks Airwave A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 5.5 |
| 2021-03-05 | CVE-2021-26961 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 6.8 |
| 2021-03-05 | CVE-2021-26960 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0. | 6.8 |
| 2020-02-27 | CVE-2019-5326 | Deserialization of Untrusted Data vulnerability in Arubanetworks Airwave An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. | 6.5 |