CVSS v2 BASE METRIC SCORE: 9.3 (AV:N/AC:M/Au:N/C:C/I:C/A:C)
WORKAROUNDS
Aruba Networks recommends not allowing access to the Aruba Remote Access
Point's diagnostic web interface after initial provisioning by applying an
access control list (ACL) that blocks the HTTP and HTTPS protocols to its
local IP address. This restrictive ACL needs to be placed at the highest
position in the ACL rules for each user role that should not have access
to the diagnostic web interface.
CVSS v2 BASE METRIC SCORE: 4.8 (AV:A/AC:L/Au:N/C:P/I:P/A:N)
WORKAROUNDS
Aruba Networks recommends that all customers apply the appropriate
patch(es) as soon as practical.
SOLUTION
CVSS v2 BASE METRIC SCORE: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
WORKAROUNDS
Aruba Networks recommends that all customers apply the appropriate
patch(es) as soon as practical. However, in the event that a patch
cannot immediately be applied, the following steps will help to mitigate
the risk:
- Disable WIDS functionality in the radio profile for all bands
Aruba Networks Security Advisory
Title: Aruba Mobility Controller TACACS User Authentication and Cross
Site Scripting Vulnerabilities
Aruba Advisory ID: AID-051408
Revision: 1.0
Aruba Networks Security Advisory
Title: DoS Vulnerability in Aruba Mobility Controller Caused by
Malformed EAP Frame.
Aruba Advisory ID: AID-12808
Aruba Networks Security Advisory
Title: Malformed 802.11 Association Request frame causes Denial of
Service condition on an Access Point.
Aruba Advisory ID: AID-102609
Revision: 1.0
Aruba Networks Security Advisory
Title: TLS Protocol Session Renegotiation Security Vulnerability
Aruba Advisory ID: AID-020810
Revision: 1.0
Aruba Networks Security Advisory
Title: Management User Authentication Bypass Vulnerability When Using
Public Key Based SSH Authentication.
Aruba Advisory ID: AID-42309
Author: Jan Fry [jan.fry [at] procheckup.com] of ProCheckUp Ltd (www.procheckup.com)
References:
http://www.arubanetworks.com/products/mobility-controllers/aruba-800.php
http://arubanetworks.com/support/alerts/aid-070907b.asc
Note: the vulnerability was originally documented by Aruba Networks but no information was provided regarding the exploitation of this XSS vulnerability in a persistent way. Aruba Networks has now updated their 'AID-070907b' advisory to include additional information.
certificate into the controller, see "Managing Certificates" on page
517 in Chapter 19, "Configuring Management Access"."
The Aruba OS User Guides containing the above text and further details
on certificate management are available from Aruba's support site at
https://support.arubanetworks.com/.
Aruba Networks was not notified prior to the public disclosure of this
notice. Aruba Networks welcomes the opportunity to work
with security researchers and assist in product reports in accordance
Aruba Networks Security Advisory
Title: Aruba Mobility Controller User Authentication Vulnerability
Aruba Advisory ID: AID-122207
Revision: 1.0
Please see attached PGP signed file for details of the vulnerability.
-Robbie