CVE-2014-8368

Опубликовано: 25 нояб. 2014

Источник: nvd

CVSS2: 9

EPSS Низкий

Описание

The web interface in Aruba Networks AirWave before 7.7.14 and 8.x before 8.0.5 allows remote authenticated users to gain privileges and execute arbitrary commands via unspecified vectors.

Ссылки

http://secunia.com/advisories/62578
Third Party Advisory
http://www.arubanetworks.com/support/alerts/aid-11192014.txt
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/98871
Third Party Advisory
VDB Entry
http://secunia.com/advisories/62578
Third Party Advisory
http://www.arubanetworks.com/support/alerts/aid-11192014.txt
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/98871
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:arubanetworks:airwave:*:*:*:*:*:*:*:*

Версия от 7.7.0 (включая) до 7.7.14 (исключая)

cpe:2.3:a:arubanetworks:airwave:*:*:*:*:*:*:*:*

Версия от 8.0.0 (включая) до 8.0.5 (исключая)

EPSS

Процентиль: 80%

0.01368

Низкий

9 Critical

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-jgjq-6pv4-6m7c

github

больше 3 лет назад