Security Warnings

Classification
These posts contain security warnings, including digital loopholes, electronic attacks, technical updates, and they are classified base on the level of severity.

Critical

High

Medium

Low

Aruba Update

230

Warning Date: 13 January, 2021

Severity Level ● Critical

Warning Number: 2021-2315

Target Sector: All

Description:

Aruba has released a security update to address several vulnerabilities in the following product:

  • AirWave Glass
    • 1.3.2 and below

Threats:

An attacker could exploit these vulnerabilities by doing the following:

  • Server-side request forgery (SSRF)
  • Remote Command Injection
  • Remote Command Execution

Best practice and Recommendations:

The CERT team encourages users to review Aruba security advisory and apply the necessary update:

Last updated at 13 January, 2021