CyberSec.Space Logo
Back to CVE Browser

CVE-2021-41000

HIGH
8.8
CVSS Severity Score
EPSS Score0.1480%
EPSS Percentile17.31th
PublishedMar 2, 2022
Last ModifiedNov 21, 2024

Vulnerability Description

Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX command line interface in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.06.xxxx: 10.06.0170 and below, AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below. Aruba has released upgrades for Aruba AOS-CX devices that address these security vulnerabilities.

Affected Platforms (CPE)

💻
Hpe

Arubaos Cx

>= 10.06.0001 and <= 10.06.0170
💻
Hpe

Arubaos Cx

>= 10.07.0001 and <= 10.07.0020
💻
Hpe

Arubaos Cx

= 10.08.0001

References & Advisories

🔗 https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt
🔗 https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt

Related Vulnerabilities

CVE-2008-702310.0

Aruba Mobility Controller running ArubaOS 3.3.1.16, and possibly other versions, installs the same default X.509 certificate for a...

CVE-2018-70819.8

A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the...

CVE-2017-90009.8

ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior...

CVE-2021-377169.8

A remote buffer overflow vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software versi...