First published: Tue Mar 30 2021(Updated: )
A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.6 and below; Aruba Instant 8.7.x: 8.7.1.0 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.
Credit: security-alert@hpe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Arubanetworks Instant | >=6.4.0.0<=6.4.4.8-4.2.4.18 | |
Arubanetworks Instant | >=6.5.0.0<6.5.4.19 | |
Arubanetworks Instant | >=8.3.0.0<8.3.0.15 | |
Arubanetworks Instant | >=8.5.0.0<8.5.0.12 | |
Arubanetworks Instant | >=8.6.0.0<8.6.0.7 | |
Arubanetworks Instant | >=8.7.0.0<8.7.1.1 | |
Siemens Scalance W1750d Firmware | >=8.7.0<8.7.1.3 | |
Siemens SCALANCE W1750D |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-25157.
The severity of CVE-2021-25157 is medium.
Aruba Instant Access Point (IAP) products in versions: Aruba Instant 6.4.x, Aruba Instant 6.5.x, Aruba Instant 8.3.x, Aruba Instant 8.5.x, and Siemens Scalance W1750d Firmware.
Update affected Aruba Instant Access Point (IAP) products to the recommended versions provided by the vendor.
No, Siemens Scalance W1750d devices are not vulnerable to CVE-2021-25157.