Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:aruba_airwave_glass_software:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductAruba Airwave Glass Software (c874b316-f4b3-5c18-ad35-55a763fc485a)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2020-24641 vulnerable 2026-06-08 05:22:35.192505 Details available
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative access on the web administrative interface.
Published: 2021-01-15T18:26:04.000Z
Updated: 2024-08-04T15:19:08.639Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-24640 vulnerable 2026-06-08 05:22:35.192129 Details available
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
Published: 2021-01-15T18:48:35.000Z
Updated: 2024-08-04T15:19:08.922Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-24639 vulnerable 2026-06-08 05:22:35.191434 Details available
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
Published: 2021-01-15T18:33:41.000Z
Updated: 2024-08-04T15:19:09.284Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2020-24638 vulnerable 2026-06-08 05:22:35.190956 Details available
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating system.
Published: 2021-01-15T18:29:17.000Z
Updated: 2024-08-04T15:19:08.901Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.