Remote Code Execution Vulnerability in HPE Aruba AirWave
CVE-2017-8946

8.3HIGH

Key Information:

Vendor: HP
Status: Aruba Airwave Glass
Vendor: CVE Published:; 15 February 2018

Summary

A Remote Code Execution vulnerability exists in HPE Aruba AirWave Glass in versions v1.0.0 and v1.0.1, allowing attackers to execute arbitrary code remotely. This flaw can potentially allow unauthorized access to sensitive data or systems, posing a significant threat to network security. Users are advised to update to the latest version to mitigate the risks associated with this vulnerability. For more information, refer to the provided references.

Affected Version(s)

Aruba AirWave Glass v1.0.0 and 1.0.1

References

http://www.securityfocus.com/bid/98644

vdb-entryx_refsource_BID

https://support.hpe.com/hpsc/doc/public/display?docId=emr...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.3

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 15, 2018
Vulnerability Reserved
May 15, 2017