First published: Tue Sep 07 2021(Updated: )
A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): Prior to 8.6.0.4-2.2.0.4; Prior to 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.
Credit: security-alert@hpe.com
Affected Software | Affected Version | How to fix |
---|---|---|
Arubanetworks Sd-wan | >=2.2.0.0<2.2.0.4 | |
Arubanetworks Arubaos | >=8.3.0.0<8.3.0.15 | |
Arubanetworks Arubaos | >=8.5.0.0<8.5.0.12 | |
Arubanetworks Arubaos | >=8.6.0.0<8.6.0.8 | |
Arubanetworks Arubaos | >=8.7.0.0<8.7.1.2 | |
Arubanetworks Arubaos | >=8.8.0.0<8.8.0.1 | |
Siemens Scalance W1750d Firmware | <8.7.1.3 | |
Siemens SCALANCE W1750D |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this security issue is CVE-2021-37725.
The severity of CVE-2021-37725 is high with a severity value of 8.1.
CVE-2021-37725 affects Aruba SD-WAN Software and Gateways version(s) prior to 8.6.0.4-2.2.0.4, 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, and 8.3.0.15, as well as Siemens Scalance W1750d Firmware version up to 8.7.1.3.
CVE-2021-37725 is a remote cross-site request forgery (CSRF) vulnerability.
Aruba has released patches for Aruba SD-WAN Software and Gateways to address the vulnerability. Please refer to the official Aruba advisory for more information.