Main Vulnerability Database Vulnerabilities #VU107588

#VU107588 Information disclosure in AirWave Management Platform - CVE-2023-4896

Published: April 17, 2025

Vulnerability identifier: #VU107588

Vulnerability risk: Medium

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2023-4896

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
AirWave Management Platform

Software vendor:
Aruba Networks

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application. A remote user can gain access to some data that could be further exploited to laterally access devices managed and monitored by the AirWave server.

Remediation

Install updates from vendor's website.

External links

https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-015.txt

#VU107588 Information disclosure in AirWave Management Platform - CVE-2023-4896

Description

Remediation

External links

Please verify you're human