CVE Vulnerabilities

CVE-2021-25157

Published: Mar 30, 2021 | Modified: Apr 22, 2022
CVSS 3.x
4.9
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Affected Software

Name Vendor Start Version End Version
Instant Arubanetworks 6.4.0.0 (including) 6.4.4.8-4.2.4.18 (including)
Instant Arubanetworks 6.5.0.0 (including) 6.5.4.19 (excluding)
Instant Arubanetworks 8.3.0.0 (including) 8.3.0.15 (excluding)
Instant Arubanetworks 8.5.0.0 (including) 8.5.0.12 (excluding)
Instant Arubanetworks 8.6.0.0 (including) 8.6.0.7 (excluding)
Instant Arubanetworks 8.7.0.0 (including) 8.7.1.1 (excluding)

References