Search criteria

9 vulnerabilities found for aos-cx_firmware by arubanetworks

FKIE_CVE-2021-29149

Vulnerability from fkie_nvd - Published: 2021-07-22 14:15 - Updated: 2024-11-21 06:00
Severity ?
6.2 (Medium) - CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
References
security-alert@hpe.comhttps://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txtPatch, Vendor Advisory
Impacted products
Vendor Product Version
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6200f -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6300 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6400 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8320 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8325 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8360 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8400 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6200f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB3993F-B4A6-4016-AF0F-82A23FE34063",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C32F7E4-E184-4F76-8638-017DF29D2FFB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A013EAE-387B-4C35-9D8F-E2200081E18E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C93CD9C-1FD4-4E4A-9E3A-8FF19DE0D3AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8325:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9645D616-077B-4313-B5EF-155B642CB073",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9440291-26BB-4BBD-84BA-B347484839F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4FB7A6B-69C5-45EF-BE61-23BCF5172836",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
    },
    {
      "lang": "es",
      "value": "Se ha detectado una vulnerabilidad de omisi\u00f3n de restricciones de seguridad local en Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series, versiones: Aruba AOS-CX versiones de firmware: 10.04.xxxx - anteriores a 10.04.3070, versiones10.05.xxxx - anteriores a 10.05.0070, versiones 10.06.xxxx - anteriores a 10.06.0110, versiones 10.07.xxxx - anteriores a 10.07.0001. Aruba ha publicado actualizaciones para los dispositivos Aruba AOS-CX que solucionan esta vulnerabilidad de seguridad"
    }
  ],
  "id": "CVE-2021-29149",
  "lastModified": "2024-11-21T06:00:47.203",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "PHYSICAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.2,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 0.3,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-07-22T14:15:08.017",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-29148

Vulnerability from fkie_nvd - Published: 2021-07-22 14:15 - Updated: 2024-11-21 06:00
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
References
security-alert@hpe.comhttps://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txtPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txtPatch, Vendor Advisory
Impacted products
Vendor Product Version
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6200f -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6300 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6400 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8320 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8325 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8360 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8400 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6200f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB3993F-B4A6-4016-AF0F-82A23FE34063",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C32F7E4-E184-4F76-8638-017DF29D2FFB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A013EAE-387B-4C35-9D8F-E2200081E18E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C93CD9C-1FD4-4E4A-9E3A-8FF19DE0D3AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8325:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9645D616-077B-4313-B5EF-155B642CB073",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9440291-26BB-4BBD-84BA-B347484839F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4FB7A6B-69C5-45EF-BE61-23BCF5172836",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
    },
    {
      "lang": "es",
      "value": "Se ha detectado una vulnerabilidad local de tipo cross-site scripting (XSS) en Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series, versiones de firmware: Aruba AOS-CX : versiones 10.04.xxxx - anteriores a 10.04.3070, versiones 10.05.xxxx - anteriores a 10.05.0070, versiones 10.06.xxxx - anteriores a 10.06.0110, versiones 10.07.xxxx - anteriores a 10.07.0001. Aruba ha publicado actualizaciones para los dispositivos Aruba AOS-CX, que solucionan esta vulnerabilidad de seguridad"
    }
  ],
  "id": "CVE-2021-29148",
  "lastModified": "2024-11-21T06:00:47.077",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-07-22T14:15:07.980",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2021-29143

Vulnerability from fkie_nvd - Published: 2021-07-22 14:15 - Updated: 2024-11-21 06:00
Severity ?
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
References
security-alert@hpe.comhttps://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txtVendor Advisory
Impacted products
Vendor Product Version
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6200f -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6300 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_6400 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8320 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8325 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8360 -
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks aos-cx_firmware *
arubanetworks cx_8400 -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6200f:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CB3993F-B4A6-4016-AF0F-82A23FE34063",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6300:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "6C32F7E4-E184-4F76-8638-017DF29D2FFB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_6400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A013EAE-387B-4C35-9D8F-E2200081E18E",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8320:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C93CD9C-1FD4-4E4A-9E3A-8FF19DE0D3AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8325:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9645D616-077B-4313-B5EF-155B642CB073",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8360:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9440291-26BB-4BBD-84BA-B347484839F4",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "53B1F32A-5105-4EBE-B109-00614703FB17",
              "versionEndExcluding": "10.04.3070",
              "versionStartIncluding": "10.04.000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1CD3AAE-04C8-4032-BB8E-3F4651793A1C",
              "versionEndExcluding": "10.05.0070",
              "versionStartIncluding": "10.05.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "37B1D827-1B60-4B35-B178-EFD9B3C9E13C",
              "versionEndIncluding": "10.06.0110",
              "versionStartIncluding": "10.06.0000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:arubanetworks:aos-cx_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5713C22-E3AB-415E-B7B8-1FB4B008AA65",
              "versionEndIncluding": "10.07.0001",
              "versionStartIncluding": "10.07.0000",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:arubanetworks:cx_8400:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4FB7A6B-69C5-45EF-BE61-23BCF5172836",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
    },
    {
      "lang": "es",
      "value": "Se ha detectado una vulnerabilidad de ejecuci\u00f3n remota de comandos arbitrarios en Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series, versiones de firmware: Aruba AOS-CX : versiones 10.04.xxxx - anteriores a 10.04.3070, versiones 10.05.xxxx - anteriores a 10.05.0070, versiones 10.06.xxxx - anteriores a 10.06.0110, versiones 10.07.xxxx - anteriores a 10.07.0001. Aruba ha publicado actualizaciones para los dispositivos Aruba AOS-CX, que solucionan esta vulnerabilidad de seguridad"
    }
  ],
  "id": "CVE-2021-29143",
  "lastModified": "2024-11-21T06:00:46.450",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-07-22T14:15:07.947",
  "references": [
    {
      "source": "security-alert@hpe.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
    }
  ],
  "sourceIdentifier": "security-alert@hpe.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-78"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2021-29149 (GCVE-0-2021-29149)

Vulnerability from cvelistv5 – Published: 2021-07-22 13:42 – Updated: 2024-08-03 22:02
VLAI?
Summary
A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Severity ?
No CVSS data available.
CWE
  • local bypass security restrictions
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series Affected: Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:51.440Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "local bypass security restrictions",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T13:42:08",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2021-29149",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "local bypass security restrictions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt",
              "refsource": "MISC",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2021-29149",
    "datePublished": "2021-07-22T13:42:08",
    "dateReserved": "2021-03-24T00:00:00",
    "dateUpdated": "2024-08-03T22:02:51.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-29148 (GCVE-0-2021-29148)

Vulnerability from cvelistv5 – Published: 2021-07-22 13:37 – Updated: 2024-08-03 22:02
VLAI?
Summary
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Severity ?
No CVSS data available.
CWE
  • local cross-site scripting (XSS)
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series Affected: Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:51.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "local cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T13:37:41",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2021-29148",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "local cross-site scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt",
              "refsource": "MISC",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2021-29148",
    "datePublished": "2021-07-22T13:37:41",
    "dateReserved": "2021-03-24T00:00:00",
    "dateUpdated": "2024-08-03T22:02:51.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-29143 (GCVE-0-2021-29143)

Vulnerability from cvelistv5 – Published: 2021-07-22 13:31 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Severity ?
No CVSS data available.
CWE
  • remote execution of arbitrary commands
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series Affected: Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:50.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "remote execution of arbitrary commands",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T13:31:38",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2021-29143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "remote execution of arbitrary commands"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt",
              "refsource": "MISC",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2021-29143",
    "datePublished": "2021-07-22T13:31:38",
    "dateReserved": "2021-03-24T00:00:00",
    "dateUpdated": "2024-08-03T22:02:50.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-29149 (GCVE-0-2021-29149)

Vulnerability from nvd – Published: 2021-07-22 13:42 – Updated: 2024-08-03 22:02
VLAI?
Summary
A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Severity ?
No CVSS data available.
CWE
  • local bypass security restrictions
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series Affected: Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:51.440Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "local bypass security restrictions",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T13:42:08",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2021-29149",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "local bypass security restrictions"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt",
              "refsource": "MISC",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2021-29149",
    "datePublished": "2021-07-22T13:42:08",
    "dateReserved": "2021-03-24T00:00:00",
    "dateUpdated": "2024-08-03T22:02:51.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-29148 (GCVE-0-2021-29148)

Vulnerability from nvd – Published: 2021-07-22 13:37 – Updated: 2024-08-03 22:02
VLAI?
Summary
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Severity ?
No CVSS data available.
CWE
  • local cross-site scripting (XSS)
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series Affected: Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:51.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "local cross-site scripting (XSS)",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T13:37:41",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2021-29148",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "local cross-site scripting (XSS)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt",
              "refsource": "MISC",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2021-29148",
    "datePublished": "2021-07-22T13:37:41",
    "dateReserved": "2021-03-24T00:00:00",
    "dateUpdated": "2024-08-03T22:02:51.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-29143 (GCVE-0-2021-29143)

Vulnerability from nvd – Published: 2021-07-22 13:31 – Updated: 2024-08-03 22:02
VLAI?
Summary
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Severity ?
No CVSS data available.
CWE
  • remote execution of arbitrary commands
Assigner
hpe
References
Impacted products
Vendor Product Version
n/a Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series Affected: Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:50.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "remote execution of arbitrary commands",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-07-22T13:31:38",
        "orgId": "eb103674-0d28-4225-80f8-39fb86215de0",
        "shortName": "hpe"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security-alert@hpe.com",
          "ID": "CVE-2021-29143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "remote execution of arbitrary commands"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt",
              "refsource": "MISC",
              "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "eb103674-0d28-4225-80f8-39fb86215de0",
    "assignerShortName": "hpe",
    "cveId": "CVE-2021-29143",
    "datePublished": "2021-07-22T13:31:38",
    "dateReserved": "2021-03-24T00:00:00",
    "dateUpdated": "2024-08-03T22:02:50.516Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}