CVE-2021-29149 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-29149 PUBLISHED CVSS 6.199999809265137 MEDIUM

A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.

EPSS 0.06% · 17.5th percentile

Risk Scores

CVSS v3.1

6.199999809265137

CVSS:3.1/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.06%

17.5th percentile

Affected Products

Vendor	Product	Versions
n/a	Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series	Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001
arubanetworks	aos-cx_firmware	10.04.000, 10.05.0000, 10.06.0000

Timeline

Jul 22, 2021 CVE Published
Jul 23, 2021 EPSS Score
Sep 20, 2021 EPSS Score
Nov 18, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 15, 2022 EPSS Score
Apr 1, 2022 EPSS Score
May 13, 2022 EPSS Score
Jul 11, 2022 EPSS Score
Sep 8, 2022 EPSS Score
Nov 6, 2022 EPSS Score
Jan 4, 2023 EPSS Score

References

Open in Interactive Console →