Arubanetworks Airwave Glass — known CVE vulnerabilities
Every CVE whose affected-product data names Arubanetworks Airwave Glass, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2020-24639 — CVSS 9.8 (critical): There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment…
CVE-2020-7128 — CVSS 9.8 (critical): A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7127 — CVSS 9.8 (critical): A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-24640 — CVSS 9.8 (critical): There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment…
CVE-2020-7124 — CVSS 9.8 (critical): A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7125 — CVSS 8.8 (high): A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-24641 — CVSS 7.5 (high): In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if…
CVE-2020-7129 — CVSS 7.2 (high): A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-24632 — CVSS 7.2 (high): A remote execution of arbitrary commandss vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-24638 — CVSS 7.2 (high): Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user…
CVE-2020-24631 — CVSS 7.2 (high): A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7126 — CVSS 5.8 (medium): A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.