In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative access on the web administrative interface.
References
Link | Resource |
---|---|
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hpe
Published: 2021-01-15T18:26:04
Updated: 2021-01-15T18:26:04
Reserved: 2020-08-25T00:00:00
Link: CVE-2020-24641
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-01-15T19:15:13.703
Modified: 2021-07-21T11:39:23.747
Link: CVE-2020-24641
JSON object: View
Redhat Information
No data.