CVE-2021-26964

Name of the Vulnerable Software and Affected Versions: Aruba AirWave Management Platform versions prior to 8.2.12.0

Description: A remote authentication restriction bypass issue was discovered in the AirWave web-based management interface, allowing an authenticated remote attacker to improperly access and modify devices and management user details. This could enable the attacker to escalate privileges and/or change network details they should not have access to.

Recommendations: For versions prior to 8.2.12.0, update to version 8.2.12.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the AirWave web-based management interface to minimize the risk of exploitation.