Vulnerabilities > HP > Airwave > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-05 | CVE-2015-1391 | Cross-Site Request Forgery (CSRF) vulnerability in HP Airwave Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism. | 8.8 |
| 2023-09-05 | CVE-2015-2201 | OS Command Injection vulnerability in multiple products Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users. | 7.2 |
| 2023-09-05 | CVE-2015-2202 | Improper Input Validation vulnerability in multiple products Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS. | 7.2 |
| 2018-08-06 | CVE-2016-8526 | XXE vulnerability in HP Airwave Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). | 8.8 |