CVE-2021-41003 Information
Jun 07, 2022
cve
Description
Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in Aruba CX 6200F Switch Series Aruba 6300 Switch Series Aruba 6400 Switch Series Aruba 8320 Switch Series Aruba 8325 Switch Series Aruba 8400 Switch Series Aruba CX 8360 Switch Series version(s): AOS-CX 10.06.xxxx: 10.06.0170 and below AOS-CX 10.07.xxxx: 10.07.0050 and below AOS-CX 10.08.xxxx: 10.08.1030 and below AOS-CX 10.09.xxxx: 10.09.0002 and below. Aruba has released upgrades for Aruba AOS-CX devices that address these security vulnerabilities.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Reference
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-004.txt
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
REQUIRED
Confidentiality Impact
CHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.1
Share on: