CVSS: 6.2EPSS: 0%CPEs: 35EXPL: 0CVE-2021-29149
https://notcve.org/view.php?id=CVE-2021-29149
A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability. Se ha detectado una vulnerabilidad de omisión de restricciones de seguridad local en Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series, versiones: Aruba AOS-CX versiones de firmware: 10.04.xxxx - anteriores a 10.04.3070, versiones10.05.xxxx - anteriores a 10.05.0070, versiones 10.06.xxxx - anteriores a 10.06.0110, versiones 10.07.xxxx - anteriores a 10.07.0001. Aruba ha publicado actualizaciones para los dispositivos Aruba AOS-CX que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt •
CVSS: 6.1EPSS: 0%CPEs: 35EXPL: 0CVE-2021-29148
https://notcve.org/view.php?id=CVE-2021-29148
A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability. Se ha detectado una vulnerabilidad local de tipo cross-site scripting (XSS) en Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series, versiones de firmware: Aruba AOS-CX : versiones 10.04.xxxx - anteriores a 10.04.3070, versiones 10.05.xxxx - anteriores a 10.05.0070, versiones 10.06.xxxx - anteriores a 10.06.0110, versiones 10.07.xxxx - anteriores a 10.07.0001. Aruba ha publicado actualizaciones para los dispositivos Aruba AOS-CX, que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 35EXPL: 0CVE-2021-29143
https://notcve.org/view.php?id=CVE-2021-29143
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability. Se ha detectado una vulnerabilidad de ejecución remota de comandos arbitrarios en Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series, versiones de firmware: Aruba AOS-CX : versiones 10.04.xxxx - anteriores a 10.04.3070, versiones 10.05.xxxx - anteriores a 10.05.0070, versiones 10.06.xxxx - anteriores a 10.06.0110, versiones 10.07.xxxx - anteriores a 10.07.0001. Aruba ha publicado actualizaciones para los dispositivos Aruba AOS-CX, que solucionan esta vulnerabilidad de seguridad • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-7121
https://notcve.org/view.php?id=CVE-2020-7121
Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the LLDP (Link Layer Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.3021. Se han encontrado dos vulnerabilidades de corrupción de memoria en Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325 y 8400. Una explotación con éxito de estas vulnerabilidades podría resultar en la Denegación de Servicio Local del proceso LLDP (Link Layer Discovery Protocol) en el switch. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2020-7122
https://notcve.org/view.php?id=CVE-2020-7122
Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. Successful exploitation of these vulnerabilities could result in Local Denial of Service of the CDP (Cisco Discovery Protocol) process in the switch. This applies to firmware versions prior to 10.04.1000. Se han encontrado dos vulnerabilidades de corrupción de memoria en Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, y 8400. Una explotación con éxito de estas vulnerabilidades podría resultar en una Denegación de Servicio Local del Proceso CDP (Cisco Discovery Protocol) en el switch. • https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-009.txt • CWE-787: Out-of-bounds Write •