CVE-2021-37731

Name of the Vulnerable Software and Affected Versions: Aruba SD-WAN Software and Gateways versions prior to 8.6.0.0-2.2.0.4 Aruba Operating System Software versions prior to 8.7.1.1 Aruba Operating System Software versions prior to 8.6.0.7 Aruba Operating System Software versions prior to 8.5.0.12 Aruba Operating System Software versions prior to 8.3.0.16

Description: A local path traversal vulnerability was discovered in Aruba SD-WAN Software and Gateways and Aruba Operating System Software. This issue allows for a local path traversal attack. Aruba has released patches that address this security issue.

Recommendations: For Aruba SD-WAN Software and Gateways version prior to 8.6.0.0-2.2.0.4, apply the released patch to fix the vulnerability. For Aruba Operating System Software version prior to 8.7.1.1, apply the released patch to fix the vulnerability. For Aruba Operating System Software version prior to 8.6.0.7, apply the released patch to fix the vulnerability. For Aruba Operating System Software version prior to 8.5.0.12, apply the released patch to fix the vulnerability. For Aruba Operating System Software version prior to 8.3.0.16, apply the released patch to fix the vulnerability.