CVE-2021-41003 : Security Advisory and Response

Multiple unauthenticated command injection vulnerabilities were discovered in the AOS-CX API interface in various Aruba switch series. Aruba has released upgrades to address these vulnerabilities.

Understanding CVE-2021-41003

What is CVE-2021-41003?

Multiple unauthenticated command injection vulnerabilities were found in the AOS-CX API interface in Aruba switch series.

The Impact of CVE-2021-41003

These vulnerabilities could allow unauthenticated attackers to execute commands on affected systems, leading to unauthorized access and potential disruption of services.

Technical Details of CVE-2021-41003

Vulnerability Description

The vulnerabilities allow for unauthenticated command injection in the AOS-CX API interface, affecting multiple Aruba switch series.

Affected Systems and Versions

Affected products include Aruba CX 6200F, 6300, 6400, 8320, 8325, 8400, and CX 8360 switch series.
Vulnerable versions: AOS-CX 10.06.xxxx: 10.06.0170 and below, 10.07.xxxx: 10.07.0050 and below, 10.08.xxxx: 10.08.1030 and below, 10.09.xxxx: 10.09.0002 and below.

Exploitation Mechanism

The vulnerabilities can be exploited by sending crafted API requests to the affected devices, allowing attackers to inject and execute arbitrary commands.

Mitigation and Prevention

Immediate Steps to Take

Apply the necessary security updates provided by Aruba to patch the vulnerabilities.
Ensure access to the affected devices is restricted and monitored to prevent unauthorized access.

Long-Term Security Practices

Regularly update and patch all network devices to protect against known vulnerabilities.
Implement strong access controls and authentication mechanisms to secure network access.

Patching and Updates

Aruba has released upgrades for the affected AOS-CX devices that address the command injection vulnerabilities.