CVE-2021-29149
First published: Thu Jul 22 2021(Updated: )
A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Aruba Networks AOS-CX | >=10.04.000<10.04.3070 | |
| Aruba Networks AOS-CX | >=10.05.0000<10.05.0070 | |
| Aruba Networks AOS-CX | >=10.06.0000<=10.06.0110 | |
| Aruba Networks AOS-CX | >=10.07.0000<=10.07.0001 | |
| Aruba CX 6200F | ||
| Aruba Networks CX 6300 | ||
| Aruba Networks CX 6400 | ||
| Aruba CX 8320 | ||
| Aruba Networks CX 8325 Firmware | ||
| Aruba CX 8360 | ||
| Aruba Networks CX 8400 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2021-29149?
CVE-2021-29149 has a medium severity rating due to potential local bypass of security restrictions.
How do I fix CVE-2021-29149?
To fix CVE-2021-29149, update the affected Aruba AOS-CX firmware to a version prior to 10.04.3070, or after 10.07.0001.
Which Aruba AOS-CX firmware versions are vulnerable to CVE-2021-29149?
Firmware versions from 10.04.000 up to 10.04.3070, 10.05.000 up to 10.05.0070, 10.06.000 up to 10.06.0110, and 10.07.0000 up to 10.07.0001 are vulnerable.
Is the Aruba CX 6200F affected by CVE-2021-29149?
No, the Aruba CX 6200F is not affected by CVE-2021-29149.
What types of devices are impacted by CVE-2021-29149?
The devices impacted by CVE-2021-29149 include various models in the Aruba CX 6200F, 6300, 6400, 8320, 8325, 8400, and 8360 Switch Series running the specified firmware versions.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/arubanetworks
- canonical/aruba networks aos-cx
- version/aruba networks aos-cx/10.04.000
- version/aruba networks aos-cx/10.05.0000
- version/aruba networks aos-cx/10.06.0000
- version/aruba networks aos-cx/10.06.0110
- version/aruba networks aos-cx/10.07.0000
- version/aruba networks aos-cx/10.07.0001
- canonical/aruba cx 6200f
- canonical/aruba networks cx 6300
- canonical/aruba networks cx 6400
- canonical/aruba cx 8320
- canonical/aruba networks cx 8325 firmware
- canonical/aruba cx 8360
- canonical/aruba networks cx 8400