CVE-2021-29148
6.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.8 / Impact: 2.7
Source: NVD
Description
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Affected (4)
Products: Arubanetworks: Aos Cx Firmware
Configuration A
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 6200f | All versions |
Configuration B
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 6300 | All versions |
Configuration C
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 6400 | All versions |
Configuration D
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 8320 | All versions |
Configuration E
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 8325 | All versions |
Configuration F
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 8360 | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| From 10.04.000 to 10.04.3070 |
| Running on/with | Platform Versions |
|---|---|
Arubanetworks Cx 8400 | All versions |
References (2)
Source: security-alert@hpe.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Timeline
No history available yet.