cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

I found a security bug on Aerohive Manager Dashboard, I sent a report to Aerohive Sec team security@aerohive.com. But 2 months ago, they have not replied to my email.

I found a security bug on Aerohive Manager Dashboard, I sent a report to Aerohive Sec team security@aerohive.com. But 2 months ago, they have not replied to my email.

tuatnh1
New Contributor
I found a security bug on Aerohive Manager Dashboard, I sent a report to Aerohive Sec team security@aerohive.com. But 2 months ago, they have not replied to my email.
8 REPLIES 8

tuatnh1
New Contributor

Hi,

Can help me ask your Security team How about "that is very unlikely to be practically exploitable" ?

Because in this case, I just need to search google who is using Aerohive products on Hive Manager to be able to execute "Reflect XSS" attacks.

If they answer this vulnerability is not valid, can I publish it on the internet?

tuatnh1
New Contributor

Sound Good, Can you ask security team help me request CVE id for my report ?ā€‹

Thanks for repply.ā€‹

samantha_lynn
Esteemed Contributor III

Thank you for your patience, I have sent our security teams response to you via email.

samantha_lynn
Esteemed Contributor III

Thank you, I see that email and I will inquire further for you on my end. I'll let you know as soon as I have more information, please don't hesitate to check in with me periodically if you haven't heard back.

GTM-P2G8KFN