CVE Vulnerabilities

CVE-2021-25159

Published: Mar 30, 2021 | Modified: Apr 22, 2022
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
CVSS 2.x
8.5 HIGH
AV:N/AC:L/Au:S/C:N/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

Affected Software

Name Vendor Start Version End Version
Instant Arubanetworks 6.4.0.0 (including) 6.4.4.8-4.2.4.18 (including)
Instant Arubanetworks 6.5.0.0 (including) 6.5.4.19 (excluding)
Instant Arubanetworks 8.3.0.0 (including) 8.3.0.15 (excluding)
Instant Arubanetworks 8.5.0.0 (including) 8.5.0.12 (excluding)
Instant Arubanetworks 8.6.0.0 (including) 8.6.0.8 (excluding)
Instant Arubanetworks 8.7.0.0 (including) 8.7.1.2 (excluding)

References