PT-2021-18113 · Aruba · Aruba 8320 Switch Series+7

Published

2021-07-22

·

Updated

2022-07-12

·

CVE-2021-29149

CVSS v3.1

6.2

Medium

VectorAV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Aruba CX 6200F Switch Series versions prior to 10.04.3070 Aruba 6300 Switch Series versions prior to 10.04.3070 Aruba 6400 Switch Series versions prior to 10.04.3070 Aruba 8320 Switch Series versions prior to 10.04.3070 Aruba 8325 Switch Series versions prior to 10.04.3070 Aruba 8400 Switch Series versions prior to 10.04.3070 Aruba CX 8360 Switch Series versions prior to 10.04.3070 Aruba AOS-CX firmware versions 10.04.xxxx through 10.04.3069 Aruba AOS-CX firmware versions 10.05.xxxx through 10.05.0069 Aruba AOS-CX firmware versions 10.06.xxxx through 10.06.0109 Aruba AOS-CX firmware versions 10.07.xxxx through 10.07.0000
Description: A local bypass security restrictions issue was discovered in various Aruba switch series. The issue allows for security restrictions to be bypassed locally. Aruba has released upgrades for Aruba AOS-CX devices that address this security issue.
Recommendations: For Aruba CX 6200F Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba 6300 Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba 6400 Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba 8320 Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba 8325 Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba 8400 Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba CX 8360 Switch Series versions prior to 10.04.3070, update to version 10.04.3070 or later. For Aruba AOS-CX firmware versions 10.04.xxxx through 10.04.3069, update to version 10.04.3070 or later. For Aruba AOS-CX firmware versions 10.05.xxxx through 10.05.0069, update to version 10.05.0070 or later. For Aruba AOS-CX firmware versions 10.06.xxxx through 10.06.0109, update to version 10.06.0110 or later. For Aruba AOS-CX firmware versions 10.07.xxxx through 10.07.0000, update to version 10.07.0001 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2021-29149

Affected Products

Aruba 6300 Switch Series
Aruba 6400 Switch Series
Aruba 8320 Switch Series
Aruba 8325 Switch Series
Aruba 8400 Switch Series
Aruba Aos-Cx
Aruba Cx 6200F Switch Series
Aruba Cx 8360 Switch Series