CVE-2022-37918
published 2022-12-08CVE-2022-37918: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These…
PriorityP350high8.1CVSS 3.1
AVNACLPRLUINSUCHIHAN
EPSS
0.76%
50.7th percentile
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arubanetworks | airwave | <= 8.2.15.0 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Aruba AirWave Management Platform up to 8.2.15.0 Web-based Management Interface access control (ARUBA-PSA-2022-019 / EUVD-2022-40525)
vuldb·2026-06-20·CVSS 8.1
CVE-2022-37918 [HIGH] Aruba AirWave Management Platform up to 8.2.15.0 Web-based Management Interface access control (ARUBA-PSA-2022-019 / EUVD-2022-40525)
A vulnerability described as critical has been identified in Aruba AirWave Management Platform up to 8.2.15.0. The affected element is an unknown function of the component Web-based Management Interface. Executing a manipulation can lead to improper access controls.
This vulnerability is tracked as CVE-2022-37918. The attack can be launched remotely. No exploit exists.
GHSA
GHSA-9v63-c998-mq62: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls
ghsa_unreviewed·2022-12-08
CVE-2022-37918 [HIGH] CWE-284 GHSA-9v63-c998-mq62: Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls
Vulnerabilities in the AirWave Management Platform web-based management interface exist which expose some URLs to a lack of proper access controls. These vulnerabilities could allow a remote attacker with limited privileges to gain access to sensitive information and/or change network configurations with privileges at a higher effective level in Aruba AirWave Management Platform version(s): 8.2.15.0 and below.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-08
Published