CVE-2020-24639

Summary

There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.

Affected Software

VendorProductVersion RangeStatus
n/aAruba AirWave Glass SoftwarePrior to 1.3.3affected

Weaknesses

  • Unauthenticated Arbitrary Code Execution in Web Administrative Interface

ADP Enrichment

CVE Program Container

Additional References

References