CVE-2021-26962

Name of the Vulnerable Software and Affected Versions: Aruba AirWave Management Platform versions prior to 8.2.12.0

Description: A remote authenticated arbitrary command execution issue was discovered in the AirWave CLI, allowing remote authenticated users to run arbitrary commands on the underlying host. This could enable an attacker to execute arbitrary commands as root on the underlying operating system, leading to full system compromise.

Recommendations: For versions prior to 8.2.12.0, update to version 8.2.12.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the AirWave CLI to minimize the risk of exploitation.