VDB

CVE-2024-54008

CVE-2024-54008 PUBLISHED CVSS 7.199999809265137 HIGH

An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful exploitation of this vulnerability could allow a remote authenticated threat actor to run arbitrary commands as a privileged user on the underlying host.

EPSS 2.35% · 85.2th percentile

Risk Scores

CVSS 3.1
7.199999809265137
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
2.35%
85.2th percentile

Affected Products

VendorProductVersions
Hewlett Packard Enterprise (HPE)HPE Aruba Networking AirWave Management Platform8.0.0.0

Timeline

  • Dec 10, 2024 CVE Published
  • Dec 11, 2024 EPSS Score
  • Dec 11, 2024 CVE Updated
  • Dec 28, 2024 EPSS Score
  • Jan 13, 2025 EPSS Score
  • Jan 30, 2025 EPSS Score
  • Mar 5, 2025 EPSS Score
  • Mar 21, 2025 EPSS Score
  • Apr 7, 2025 EPSS Score
  • Apr 9, 2025 Coalition ESS Score
  • Apr 24, 2025 EPSS Score
  • May 11, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›