CVE-2022-37917
published 2022-12-08CVE-2022-37917: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These…
PriorityP350high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
EPSS
0.76%
50.7th percentile
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arubanetworks | airwave | <= 8.2.15.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Aruba AirWave Management Platform up to 8.2.15.0 Web-based Management Interface access control (ARUBA-PSA-2022-019 / EUVD-2022-40524)
vuldb·2026-06-20·CVSS 8.1
CVE-2022-37917 [HIGH] Aruba AirWave Management Platform up to 8.2.15.0 Web-based Management Interface access control (ARUBA-PSA-2022-019 / EUVD-2022-40524)
A vulnerability marked as critical has been reported in Aruba AirWave Management Platform up to 8.2.15.0. Impacted is an unknown function of the component Web-based Management Interface. Performing a manipulation results in improper access controls.
This vulnerability is identified as CVE-2022-37917. The attack can be initiated remotely. There is not any exploit available.
GHSA
GHSA-m4vp-q257-m88x: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls
ghsa_unreviewed·2022-12-08
CVE-2022-37917 [HIGH] CWE-284 GHSA-m4vp-q257-m88x: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-08
Published