First published: Tue Sep 07 2021(Updated: )
A remote arbitrary command execution vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, 6.4.4.25. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.
Credit: security-alert@hpe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Arubanetworks Sd-wan | >=2.2.0.0<2.2.0.4 | |
Arubanetworks Arubaos | >=6.4.4.0<6.4.4.25 | |
Arubanetworks Arubaos | >=6.5.4.0<6.5.4.20 | |
Arubanetworks Arubaos | >=8.3.0.0<8.3.0.16 | |
Arubanetworks Arubaos | >=8.5.0.0<8.5.0.13 | |
Arubanetworks Arubaos | >=8.6.0.0<8.6.0.9 | |
Arubanetworks Arubaos | >=8.7.0.0<8.7.1.4 | |
Siemens Scalance W1750d Firmware | ||
Siemens SCALANCE W1750D |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-37720 is a remote arbitrary command execution vulnerability in Aruba SD-WAN Software and Gateways.
CVE-2021-37720 has a severity score of 7.2, which is considered critical.
CVE-2021-37720 affects Aruba Operating System Software versions prior to 8.6.0.4-2.2.0.4, 8.7.1.4, 8.6.0.9, 8.5.0.13, 8.3.0.16, 6.5.4.20, and 6.4.4.25.
To fix CVE-2021-37720, apply the patches released by Aruba for Aruba SD-WAN Software and Gateways.
You can find more information about CVE-2021-37720 in the following references: [link1](https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf) and [link2](https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-016.txt).