Skip to main content

Instant CVE-2021-25143

HIGH
2021-03-29 security-alert@hpe.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 29, 2021 - 20:15 nvd
HIGH 7.5

DescriptionNVD

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

AnalysisAI

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Technical ContextAI

A remote denial of service (dos) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 8.3.x: 8.3.0.12 and below; Aruba Instant 8.5.x: 8.5.0.9 and below; Aruba Instant 8.6.x: 8.6.0.4 and below. Aruba has released patches for Aruba Instant that address this security vulnerability. Affected products include: Arubanetworks Instant, Siemens Scalance W1750D Firmware.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2017-13099 HIGH POC
7.5 Dec 13

wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange i

CVE-2021-25162 HIGH POC
8.1 Mar 30

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products

CVE-2021-25159 MEDIUM POC
6.5 Mar 30

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in v

CVE-2021-25155 MEDIUM POC
6.5 Mar 30

A remote arbitrary file modification vulnerability was discovered in some Aruba Instant Access Point (IAP) products in v

CVE-2021-25161 MEDIUM POC
6.1 Mar 30

A remote cross-site scripting (xss) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in ve

CVE-2021-25158 MEDIUM POC
5.9 Mar 30

A remote arbitrary file read vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s

CVE-2022-37891 CRITICAL
9.8 Oct 07

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface

CVE-2022-37890 CRITICAL
9.8 Oct 07

Unauthenticated buffer overflow vulnerabilities exist within the Aruba InstantOS and ArubaOS 10 web management interface

CVE-2022-37889 CRITICAL
9.8 Oct 07

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code

CVE-2022-37887 CRITICAL
9.8 Oct 07

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code

CVE-2022-37886 CRITICAL
9.8 Oct 07

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code

CVE-2022-37885 CRITICAL
9.8 Oct 07

There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code

Share

CVE-2021-25143 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy