CVE-2021-37722

Name of the Vulnerable Software and Affected Versions: Aruba SD-WAN Software and Gateways versions prior to 8.6.0.4-2.2.0.4 Aruba Operating System Software versions prior to 8.7.1.4 Aruba Operating System Software versions prior to 8.6.0.9 Aruba Operating System Software versions prior to 8.5.0.13 Aruba Operating System Software versions prior to 8.3.0.16 Aruba Operating System Software version 6.5.4.20 Aruba Operating System Software version 6.4.4.25

Description: A remote arbitrary command execution issue was discovered in Aruba SD-WAN Software and Gateways. This allows for the execution of commands by remote attackers. Aruba has released patches that address this security issue.

Recommendations: For Aruba SD-WAN Software and Gateways version prior to 8.6.0.4-2.2.0.4, apply the released patch to fix the issue. For Aruba Operating System Software version prior to 8.7.1.4, apply the released patch to fix the issue. For Aruba Operating System Software version prior to 8.6.0.9, apply the released patch to fix the issue. For Aruba Operating System Software version prior to 8.5.0.13, apply the released patch to fix the issue. For Aruba Operating System Software version prior to 8.3.0.16, apply the released patch to fix the issue. For Aruba Operating System Software version 6.5.4.20, apply the released patch to fix the issue. For Aruba Operating System Software version 6.4.4.25, apply the released patch to fix the issue.