Aruba Update
1598Warning Date
Severity Level
Warning Number
Target Sector
12 May, 2021
● Medium
2021-2911
All
Description:
Aruba has released a security update to address a vulnerability in the following product:
- All Aruba Instant Access Points:
- Aruba Instant 6.4.x: prior to 6.4.4.8-4.2.4.19
- Aruba Instant 6.5.x: prior to 6.5.4.19
- prior to 6.5.4.20 if using IAP-1xx series
- Aruba Instant 8.3.x: prior to 8.3.0.15
- prior to 8.3.0.16 if using RAP-155 series
- Aruba Instant 8.5.x: prior to 8.5.0.12
- prior to 8.5.0.13 if using RAP-155 series
- Aruba Instant 8.6.x: prior to 8.6.0.8
- prior to 8.6.0.9 if using RAP-155 series
- Aruba Instant 8.7.x: prior to 8.7.1.2
- All ArubaOS Access Points when managed by hardware or virtual implementations of Aruba Mobility Controllers (standard or FIPS):
- ArubaOS 6.4.x: prior to 6.4.4.25
- ArubaOS 6.5.x: prior to 6.5.4.19
- prior to 6.5.4.20 if using AP-1xx series
- ArubaOS 8.3.x: prior to 8.3.0.15
- prior to 8.3.0.16 if using AP-1xx series
- ArubaOS 8.5.x: prior to 8.5.0.12
- prior to 8.5.0.13 if using AP-1xx series
- ArubaOS 8.6.x: prior to 8.6.0.8
- prior to 8.6.0.9 if using AP-1xx series
- ArubaOS 8.7.x: prior to 8.7.1.2
- Aruba Instant On:
- prior to 2.3.0
Threats:
An attacker could exploit this vulnerability by doing the following:
- Execute arbitrary code.
Best practice and Recommendations:
The CERT team encourages users to review Aruba security advisory and apply the necessary update: