Aruba Airwave VisualRF File Overwrite and Code Execution Vulnerability

Aruba Airwave VisualRF File Overwrite and Code Execution Vulnerability

CVE-2019-5326 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

An administrative application user of or application user with write access to Aruba Airwave VisualRF is able to obtain code execution on the AMP platform. This is possible due to the ability to overwrite a file on disk which is subsequently deserialized by the Java application component.

Learn more about our User Device Pen Test.