Remote Code Execution Vulnerability in Aruba Instant On 1930 Switch Series by HPE
CVE-2021-41004

7.5HIGH

Key Information:

Vendor: HP
Status: Aruba Instant On 1930 Switch Series
Vendor: CVE Published:; 12 April 2022

What is CVE-2021-41004?

A remote vulnerability has been identified in the Aruba Instant On 1930 Switch Series, affecting firmware versions prior to v1.0.7.0. This flaw allows an attacker to execute arbitrary code remotely, potentially leading to unauthorized access and control over affected devices. Organizations using the vulnerable firmware should prioritize upgrading to newer, secure versions to mitigate risks and strengthen their network security.

Affected Version(s)

Aruba Instant On 1930 Switch Series Firmware below v1.0.7.0

References

https://support.hpe.com/hpsc/doc/public/display?docLocale...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 12, 2022
Vulnerability Reserved
Sep 13, 2021