Published: 07/09/2021 Updated: 11/02/2022

CVSS v2 Base Score: 8.8 | Impact Score: 9.2 | Exploitability Score: 8.6

CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8

VMScore: 783

Vector: AV:N/AC:M/Au:N/C:N/I:C/A:C

A remote cross-site request forgery (csrf) vulnerability exists in Aruba SD-WAN Software and Gateways; Aruba Operating System Software version(s): before 8.6.0.4-2.2.0.4; before 8.8.0.1, 8.7.1.2, 8.6.0.8, 8.5.0.12, 8.3.0.15. Aruba has released patches for Aruba SD-WAN Software and Gateways and ArubaOS that address this security vulnerability.

Vulnerable Product	Search on Vulmon	Subscribe to Product
arubanetworks sd-wan
arubanetworks arubaos
siemens scalance_w1750d_firmware

Critical Infrastructure Sectors: Chemical, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, Water and Wastewater Systems

CWE-352 https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-016.txt https://cert-portal.siemens.com/productcert/pdf/ssa-280624.pdf https://nvd.nist.gov https://www.cisa.gov/uscert/ics/advisories/icsa-21-287-07

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-37725

Vulnerability Summary

Vulnerability Trend

ICS Advisories

References

Vulmon Search

About

Products

Connect