CVE-2020-24641

Name of the Vulnerable Software and Affected Versions: Aruba AirWave Glass versions prior to 1.3.3

Description: The issue is related to a Server-Side Request Forgery vulnerability that can be exploited through an unauthenticated endpoint. If successfully exploited, it can result in the disclosure of sensitive information, allowing for an authentication bypass and ultimately gaining administrative access on the web administrative interface.

Recommendations: For versions prior to 1.3.3, update to version 1.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to unauthenticated endpoints to minimize the risk of exploitation.