CVE-2021-25152

HIGH

Aruba AirWave < 8.2.12.1 - Remote Insecure Deserialization

Title source: llm

Description

A remote insecure deserialization vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has released patches for AirWave Management Platform that address this security vulnerability.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_misc

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-010.txt

Scores

CVSS v3 7.2

EPSS 0.0098

EPSS Percentile 77.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-502

Status published

Products (1)

arubanetworks/airwave < 8.2.12.1

Published Apr 28, 2021

Tracked Since Feb 18, 2026