Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2021-41001

Опубликовано: 02 мар. 2022
Источник: nvd
CVSS3: 8.8
CVSS2: 9
EPSS Низкий

Описание

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine (NAE) in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below, AOS-CX 10.09.xxxx: 10.09.0002 and below. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Версия от 10.07.0001 (включая) до 10.07.0050 (включая)
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Версия от 10.08.0001 (включая) до 10.08.1030 (включая)
cpe:2.3:o:hpe:arubaos-cx:*:*:*:*:*:*:*:*
Версия от 10.09.0001 (включая) до 10.09.0002 (включая)

Одно из

cpe:2.3:h:hpe:aruba_8320:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8325-32-c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8325-48y8c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8360-12c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8360-16y2c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8360-24xf2c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8360-32y4c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8360-48xt4c:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_8400x:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_cx_6200f:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_cx_6300f:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_cx_6300m:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_cx_6405:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:aruba_cx_6410:-:*:*:*:*:*:*:*

EPSS

Процентиль: 90%
0.05606
Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-77

Связанные уязвимости

github логотип

GHSA-vq8p-4q42-4p9w

CVSS3: 8.8
github
почти 4 года назад

An authenticated remote code execution vulnerability was discovered in the AOS-CX Network Analytics Engine (NAE) in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): AOS-CX 10.07.xxxx: 10.07.0050 and below, AOS-CX 10.08.xxxx: 10.08.1030 and below, AOS-CX 10.09.xxxx: 10.09.0002 and below. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.

EPSS

Процентиль: 90%
0.05606
Низкий

8.8 High

CVSS3

9 Critical

CVSS2

Дефекты

CWE-77