CVE-2019-5326

Summary

An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component.

Affected Software

VendorProductVersion RangeStatus
n/aAirWave Management Platform8.x prior to 8.2.10.1affected

Weaknesses

  • Remote Code Execution due to unsafe Java Deserialization

ADP Enrichment

CVE Program Container

Additional References

References