NVD - CVE-2021-29148

Vulnerability Change Records for CVE-2021-29148

Change History

Initial Analysis by NIST 8/06/2021 10:50:36 AM

Action	Type	Old Value	New Value
Added	CVSS V3.1		NIST AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Added	CVSS V2		NIST (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Added	CWE		NIST CWE-79
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_6200f:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_6300:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_6400:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_8320:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_8325:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_8360:-:::::::*
Added	CPE Configuration		AND OR cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.04.000 up to (excluding) 10.04.3070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.05.0000 up to (excluding) 10.05.0070 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.06.0000 up to (including) 10.06.0110 cpe:2.3:o:aruba:aos-cx_firmware::::::::* versions from (including) 10.07.0000 up to (including) 10.07.0001 OR cpe:2.3:h:aruba:cx_8400:-:::::::*
Changed	Reference Type	https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt No Types Assigned	https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-013.txt Patch, Vendor Advisory
Added	CVSS V2 Metadata		Victim must voluntarily interact with attack mechanism