CVE-2022-37917

Name of the Vulnerable Software and Affected Versions Aruba AirWave Management Platform versions 8.2.15.0 and below

Description The issue concerns a lack of proper access controls in the web-based management interface of the AirWave Management Platform, potentially allowing a remote attacker with limited privileges to access sensitive information or modify network configurations with elevated privileges.

Recommendations For versions 8.2.15.0 and below, consider restricting access to the web-based management interface until a fix is available. As a temporary workaround, limit privileges for all users to minimize the risk of exploitation. Avoid using the interface for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.