Описание
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 8.0.0 (включая) до 8.2.10.1 (исключая)
cpe:2.3:a:arubanetworks:airwave:*:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02541
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-502
Связанные уязвимости
github
больше 3 лет назад
An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component.
EPSS
Процентиль: 85%
0.02541
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-502