Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Airwave_glass
(Arubanetworks)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-10-26 | CVE-2020-24631 | A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 7.2 | ||
| 2020-10-26 | CVE-2020-24632 | A remote execution of arbitrary commandss vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 7.2 | ||
| 2020-10-26 | CVE-2020-7124 | A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 9.8 | ||
| 2020-10-26 | CVE-2020-7125 | A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 8.8 | ||
| 2020-10-26 | CVE-2020-7126 | A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 5.8 | ||
| 2020-10-26 | CVE-2020-7127 | A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 9.8 | ||
| 2020-11-04 | CVE-2020-7128 | A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 9.8 | ||
| 2020-11-04 | CVE-2020-7129 | A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | Airwave_glass | 7.2 | ||
| 2021-01-15 | CVE-2020-24638 | Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system. | Airwave_glass | 7.2 | ||
| 2021-01-15 | CVE-2020-24639 | There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system. | Airwave_glass | 9.8 |