Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-25141
HistoryFeb 09, 2021 - 5:15 p.m.

CVE-2021-25141

2021-02-0917:15:00
NVD-CWE-Other
[email protected]
web.nvd.nist.gov
185
cve-2021-25141
hpe
aruba
l2 switch
l3 switch
firmware
vulnerability
dos

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

4.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON

A security vulnerability has been identified in in certain HPE and Aruba L2/L3 switch firmware. A data processing error due to improper handling of an unexpected data type in user supplied information to the switch’s management interface has been identified. The data processing error could be exploited to cause a crash or reboot in the switch management interface and/or possibly the switch itself leading to local denial of service (DoS). The user must have administrator privileges to exploit this vulnerability.

CPENameOperatorVersion
arubanetworks:aruba_5406r_zl2_firmwarearubanetworks aruba 5406r zl2 firmwareltkb.16.10.0012
arubanetworks:aruba_5412r_zl2_firmwarearubanetworks aruba 5412r zl2 firmwareltkb.16.10.0012
arubanetworks:aruba_3810m_firmwarearubanetworks aruba 3810m firmwareltkb.16.10.0012
arubanetworks:aruba_2930m_firmwarearubanetworks aruba 2930m firmwareltwc.16.10.0012
arubanetworks:aruba_2930f_firmwarearubanetworks aruba 2930f firmwareltwc.16.10.0012
arubanetworks:aruba_2920_firmwarearubanetworks aruba 2920 firmwareltwb.16.10.0011
arubanetworks:aruba_2540_firmwarearubanetworks aruba 2540 firmwareltyc.16.10.0012
arubanetworks:aruba_2530ya_firmwarearubanetworks aruba 2530ya firmwareltya.16.10.0012
arubanetworks:aruba_3800_firmwarearubanetworks aruba 3800 firmwareltka.16.04.0022
arubanetworks:aruba_2620_firmwarearubanetworks aruba 2620 firmwareltra.16.04.0022
Rows per page:
1-10 of 151

Related

cvelist 1
prion 1
nessus 1
cvelist
cvelist
CVE-2021-25141
2021-02-09 16:11:28
prion
prion
Design/Logic Flaw
2021-02-09 17:15:00
nessus
nessus
ArubaOS-Switch DoS (ARUBA-PSA-2021-002)
2021-06-15 00:00:00

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

4.7 Medium

AI Score

Confidence

High

4.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

5.2%

JSON
Related for CVE-2021-25141
cvelist1prion1nessus1