CVE-2022-37916
published 2022-12-08CVE-2022-37916: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These…
PriorityP350high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
EPSS
0.76%
50.7th percentile
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arubanetworks | airwave | <= 8.2.15.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Aruba AirWave Management Platform up to 8.2.15.0 Web-based Management Interface access control (ARUBA-PSA-2022-019 / EUVD-2022-40523)
vuldb·2026-06-20·CVSS 8.1
CVE-2022-37916 [HIGH] Aruba AirWave Management Platform up to 8.2.15.0 Web-based Management Interface access control (ARUBA-PSA-2022-019 / EUVD-2022-40523)
A vulnerability labeled as critical has been found in Aruba AirWave Management Platform up to 8.2.15.0. This issue affects some unknown processing of the component Web-based Management Interface. Such manipulation leads to improper access controls.
This vulnerability is referenced as CVE-2022-37916. It is possible to launch the attack remotely. No exploit is available.
GHSA
GHSA-4w4g-w5xw-9p3m: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls
ghsa_unreviewed·2022-12-08
CVE-2022-37916 [HIGH] CWE-284 GHSA-4w4g-w5xw-9p3m: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-08
Published