There are command injection vulnerabilities present in the AirWave application. Certain input fields controlled by an administrative user are not properly sanitized before being parsed by AirWave. If conditions are met, an attacker can obtain command execution on the host.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hpe
Published: 2020-02-27T16:20:29
Updated: 2024-08-04T19:54:53.113Z
Reserved: 2019-01-04T00:00:00
Link: CVE-2019-5323
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-02-27T17:15:11.690
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-5323
Redhat
No data.