CVE-2021-25141
Severity Score
4.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch's management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability.
Se ha identificado una vulnerabilidad de seguridad en determinado firmware del switch HPE y Aruba L2/L3. Se identificó un error de procesamiento de datos debido al manejo inapropiado de un tipo de datos inesperado en la información suministrada por el usuario a la interfaz de administración del switch. El error de procesamiento de datos podría ser explotado para causar un bloqueo o reinicio en la interfaz de administración del switch y/o posiblemente el propio switch, conllevando a una denegación de servicio (DoS) local. El usuario debe tener privilegios de administrador para explotar esta vulnerabilidad
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2021-01-14 CVE Reserved
- 2021-02-09 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbnw04082en_us | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Arubanetworks Search vendor "Arubanetworks" | Aruba 5406r Zl2 Firmware Search vendor "Arubanetworks" for product "Aruba 5406r Zl2 Firmware" | < kb.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 5406r Zl2 Firmware" and version " < kb.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 5406r Zl2 Search vendor "Arubanetworks" for product "Aruba 5406r Zl2" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 5412r Zl2 Firmware Search vendor "Arubanetworks" for product "Aruba 5412r Zl2 Firmware" | < kb.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 5412r Zl2 Firmware" and version " < kb.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 5412r Zl2 Search vendor "Arubanetworks" for product "Aruba 5412r Zl2" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 3810m Firmware Search vendor "Arubanetworks" for product "Aruba 3810m Firmware" | < kb.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 3810m Firmware" and version " < kb.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 3810m Search vendor "Arubanetworks" for product "Aruba 3810m" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2930m Firmware Search vendor "Arubanetworks" for product "Aruba 2930m Firmware" | < wc.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 2930m Firmware" and version " < wc.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2930m Search vendor "Arubanetworks" for product "Aruba 2930m" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2930f Firmware Search vendor "Arubanetworks" for product "Aruba 2930f Firmware" | < wc.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 2930f Firmware" and version " < wc.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2930f Search vendor "Arubanetworks" for product "Aruba 2930f" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2920 Firmware Search vendor "Arubanetworks" for product "Aruba 2920 Firmware" | < wb.16.10.0011 Search vendor "Arubanetworks" for product "Aruba 2920 Firmware" and version " < wb.16.10.0011" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2920 Search vendor "Arubanetworks" for product "Aruba 2920" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2540 Firmware Search vendor "Arubanetworks" for product "Aruba 2540 Firmware" | < yc.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 2540 Firmware" and version " < yc.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2540 Search vendor "Arubanetworks" for product "Aruba 2540" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2530ya Firmware Search vendor "Arubanetworks" for product "Aruba 2530ya Firmware" | < ya.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 2530ya Firmware" and version " < ya.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2530ya Search vendor "Arubanetworks" for product "Aruba 2530ya" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 3800 Firmware Search vendor "Arubanetworks" for product "Aruba 3800 Firmware" | < ka.16.04.0022 Search vendor "Arubanetworks" for product "Aruba 3800 Firmware" and version " < ka.16.04.0022" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 3800 Search vendor "Arubanetworks" for product "Aruba 3800" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2620 Firmware Search vendor "Arubanetworks" for product "Aruba 2620 Firmware" | < ra.16.04.0022 Search vendor "Arubanetworks" for product "Aruba 2620 Firmware" and version " < ra.16.04.0022" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2620 Search vendor "Arubanetworks" for product "Aruba 2620" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | 8200 Zl Firmware Search vendor "Hpe" for product "8200 Zl Firmware" | < k.15.18.0024 Search vendor "Hpe" for product "8200 Zl Firmware" and version " < k.15.18.0024" | - |
Affected
| in | Hpe Search vendor "Hpe" | 8200 Zl Search vendor "Hpe" for product "8200 Zl" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | 6200 Yl Firmware Search vendor "Hpe" for product "6200 Yl Firmware" | < k.15.18.0024 Search vendor "Hpe" for product "6200 Yl Firmware" and version " < k.15.18.0024" | - |
Affected
| in | Hpe Search vendor "Hpe" | 6200 Yl Search vendor "Hpe" for product "6200 Yl" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | 3500 Firmware Search vendor "Hpe" for product "3500 Firmware" | < k.16.02.0032 Search vendor "Hpe" for product "3500 Firmware" and version " < k.16.02.0032" | - |
Affected
| in | Hpe Search vendor "Hpe" | 3500 Search vendor "Hpe" for product "3500" | - | - |
Safe
|
| Hpe Search vendor "Hpe" | 3500 Yl Firmware Search vendor "Hpe" for product "3500 Yl Firmware" | < k.16.02.0032 Search vendor "Hpe" for product "3500 Yl Firmware" and version " < k.16.02.0032" | - |
Affected
| in | Hpe Search vendor "Hpe" | 3500 Yl Search vendor "Hpe" for product "3500 Yl" | - | - |
Safe
|
| Arubanetworks Search vendor "Arubanetworks" | Aruba 2530yb Firmware Search vendor "Arubanetworks" for product "Aruba 2530yb Firmware" | < yb.16.10.0012 Search vendor "Arubanetworks" for product "Aruba 2530yb Firmware" and version " < yb.16.10.0012" | - |
Affected
| in | Arubanetworks Search vendor "Arubanetworks" | Aruba 2530yb Search vendor "Arubanetworks" for product "Aruba 2530yb" | - | - |
Safe
|