-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aruba Product Security Advisory
===============================

Advisory ID: ARUBA-PSA-2020-002
CVE: CVE-2019-5323, CVE-2019-5326
Publication Date: 2020-Feb-25
Status: Confirmed
Revision: 1

Title
=====
AirWave Management Platform Multiple Vulnerabilities

Overview
========
Multiple remote code execution vulnerabilities have been uncovered in the
AirWave Management Platform. An attacker who is able to exploit these
vulnerabilities could run untrusted, arbitrary commands or code on the
AirWave platform. All three vulnerabilities require the attacker to be
authenticated to the administrative interface of AirWave.

Affected Products
=================
-- AirWave Management Platform 8.x prior to 8.2.10.1

Details
=======

Remote Code Execution via Command Injection (CVE-2019-5323)
-----------------------------------------------------------
There are command injection vulnerabilities present in the AirWave
application. Certain input fields controlled by an administrative user are
not properly sanitized before being parsed by AirWave. If the required
conditions are met, an attacker can obtain command execution on the host.

Internal reference: ATLAW-15, ATLAW-16
Severity: MEDIUM
CVSSv3 Overall Score: 6.3
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Remote Code Execution due to Unsafe Java Deserialization (CVE-2019-5326)
------------------------------------------------------------------------
An administrative application user, or an application user with write
access to VisualRF, is able to obtain code execution on the AMP platform.
This is possible because such a user can overwrite a file on disk which is
subsequently deserialized by the Java application component.

Internal reference: ATLAW-17
Severity: MEDIUM
CVSSv3 Overall Score: 6.3
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Resolution
==========
These vulnerabilities are resolved by upgrading to AirWave version 8.2.10.1
or higher.

Discovery
=========
Aruba would like to thank the following researcher for discovering and
reporting this vulnerability:

- grouptherapy

Workarounds
===========
Restrict low-privilege AirWave console users from accessing the
administrative interface until the software can be upgraded.

Exploitation and Public Discussion
==================================
Aruba is not aware of any public discussion or exploit code related to
this issue.

Revision History
================
Revision 1 / 2020-Feb-25 / Initial release

Aruba SIRT Security Procedures
==============================
Complete information on reporting security vulnerabilities in Aruba Networks
products and obtaining assistance with security incidents is available at:

    http://www.arubanetworks.com/support-services/security-bulletins/

For reporting *NEW* Aruba Networks security issues, email can be sent to
aruba-sirt(at)hpe.com. For sensitive information we encourage the use of
PGP encryption. Our public keys can be found at:

    http://www.arubanetworks.com/support-services/security-bulletins/

(c) Copyright 2020 by Aruba, a Hewlett Packard Enterprise company.
This advisory may be redistributed freely after the release date given
at the top of the text, provided that the redistributed copies are
complete and unmodified, including all data and version information.
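The CVE-2019-5326 class of bug described under Details (a file on disk that an application later deserializes with Java's ObjectInputStream) is illustrated below with an added example that is not AirWave or Aruba code: the unfiltered loader beside a loader hardened with a JEP 290 deserialization filter. The state type, file name and allowed classes are hypothetical.

```java
// Added illustration, not AMP/AirWave code. The state layout, the temp file
// name and the allow-listed classes are hypothetical choices for this demo.
import java.io.*;
import java.nio.file.*;
import java.util.HashMap;

public class FileStateLoader {

    // Vulnerable pattern: whatever bytes sit in the file are deserialized,
    // so whoever can overwrite the file chooses which classes get
    // instantiated and which readObject() code runs during the load.
    static Object loadUnfiltered(Path stateFile) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(Files.newInputStream(stateFile))) {
            return in.readObject();
        }
    }

    // Hardened pattern (Java 9+): an allow-list filter with resource limits.
    // Any class not listed (including superclasses in the stream, hence
    // java.lang.Number for Integer) is rejected before it is instantiated.
    static Object loadFiltered(Path stateFile) throws IOException, ClassNotFoundException {
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(
            "maxdepth=10;maxarray=10000;maxrefs=5000;"
          + "java.util.HashMap;java.lang.String;java.lang.Number;java.lang.Integer;!*");
        try (ObjectInputStream in = new ObjectInputStream(Files.newInputStream(stateFile))) {
            in.setObjectInputFilter(filter); // rejection surfaces as InvalidClassException
            return in.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        Path stateFile = Files.createTempFile("visualrf-example", ".ser");
        HashMap<String, Integer> state = new HashMap<>(); // constructed sample state
        state.put("floorplans", 3);
        try (ObjectOutputStream out = new ObjectOutputStream(Files.newOutputStream(stateFile))) {
            out.writeObject(state);
        }
        System.out.println("filtered load of expected type: " + loadFiltered(stateFile));

        // Simulate the file being replaced with an object of an unexpected
        // class (a harmless java.util.Date stands in for an arbitrary one).
        try (ObjectOutputStream out = new ObjectOutputStream(Files.newOutputStream(stateFile))) {
            out.writeObject(new java.util.Date());
        }
        try {
            loadFiltered(stateFile);
        } catch (InvalidClassException e) {
            System.out.println("rejected by filter: " + e.getMessage());
        }
        Files.deleteIfExists(stateFile);
    }
}
```

The filter string is checked against every class descriptor in the stream, so the allow-list must name superclasses that are themselves Serializable (here java.lang.Number), otherwise legitimate state is rejected too.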