CVE-2021-25163
Description
A remote XML external entity vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.
CvssV3 impact
BaseSeverity | HIGH |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | NETWORK |
AvailabilityImpact | HIGH |
IntegrityImpact | NONE |
PrivilegesRequired | LOW |
BaseScore | 8.1 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H |
Version | 3.1 |
UserInteraction | NONE |
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | PARTIAL |
AvailabilityImpact | PARTIAL |
IntegrityImpact | NONE |
BaseScore | 5.5 |
VectorString | AV:N/AC:L/Au:S/C:P/I:N/A:P |
Version | 2.0 |
AccessVector | NETWORK |
Authentication | SINGLE |