Wireless Security Incident Response Team (WSIRT)
Reporting a Security Problem or Vulnerability
Aruba’s Wireless Security Incident Response Team (WSIRT) should be contacted if a security problem is found with an Aruba product or if there is an external security problem that would cause a serious impact on users connected to an Aruba product.
Emails sent to wsirt@arubanetworks.com are directed to selected group of Aruba employees who are experienced in handling security issues.
Please use the PGP keys below corresponding to our email addresses for encrypting any sensitive information sent to the WSIRT.
If a security problem or vulnerability is found in an Aruba product, please send us an email with a detailed description of the problem. Once we acknowledge your email, we request five business days to reproduce the reported problem and prepare a response. We appreciate you waiting for our response prior to reporting the problem to others.
If you are a currently experiencing a network outage or need help configuring a security feature, please contact Aruba Support via phone 1-800-WiFiLan (1-800-943-4526) / International: 1-408-754-1200 or contact us at support@arubanetworks.com.
PGP Key info - wsirt@arubanetworks.com
Key fingerprint: C38D 07D1 BA57 6938 DA7D EF1B A7A2 A28C 0E2A 79F5
Key size: 2048-bit
Key ID: 0x0E2A79F5
UserID: Aruba Networks WSIRT (wsirt@arubanetworks.com)
Download this key
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.2.4 (MingW32)
mQGiBEZwXhoRBADEHlS5oNhEjOf7/bTZybKSgL0FFjAYr9DMqTOMuMcJBrFpkRX/
rb6IqcDMItwh1Tr32tMRtnJLeqQuC5+JIR4mUkC5YY5wJqXpQTompQs9DqFE1Kam
MlXWi5k5GM8ROtUWKwP1/WAJVs9ZtTUqpfsJjKKDmC631ERx1obNMSw4aQCg/27j
9hTJF+mC1SCLB/c4ADkR398D/RN+xqn66CcWSe7UFx54MxMotUpwnvGAUYxbjLtM
jZY2J14Q6kXFoQiWeCcxtQQUS68aw1fvWjVipWQicyOfsTycniQf2V+dLnlnTGK0
I9YQlLmiDokH5q5vItuJFGOHDA/kn3A2UFLjocDvfkTNayDSeiAFQfduZRJSp1qW
9c0fA/0clFLB0SzcaofoOIDF3nF7t8BS4mgXAE5tdss/k7L9b6udV0qJzYp6OnFM
ibkwRPbXt+hrVx1+prYFGP4t7iXLzsQW7vHLANDIZibCqiUNkyQJOUT1j0Rwll+6
VnwSwUmvPSylepgj3rEAq+BxV6OQ/Lj2vHZaJPCl0pI4v9wf7rQuQXJ1YmEgTmV0
d29ya3MgV1NJUlQgPHdzaXJ0QGFydWJhbmV0d29ya3MuY29tPokAlgQQEQIAVgUC
RnBeGjAUgAAAAAAgAAdwcmVmZXJyZWQtZW1haWwtZW5jb2RpbmdAcGdwLmNvbXBn
cG1pbWUGCwkIBwIKAhkBBRsDAAAAAxYCAQUeAQAAAAQVCAkKAAoJEKeioowOKnn1
pvYAoOOTZ95KWUNzyfMQD/YsBu2P22tQAJ0e3XPSRIyUM/bPIbs09bxM+aSfY7kC
DQRGcF4aEAgA9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV
89AHxstDqZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50
T8X8dryDxUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknb
zSC0neSRBzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdX
Q6MdGGzeMyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbT
CD1mpF1Bn5x8vYlLIhkmuquiXsNV6TILOwACAggApyHffntoX++mvOWDV14coxqV
hVbaYXVuUlEID0LP27HtYLYFfKELiOUjv/mwz3LSjJ2drVcrk73b+Pj/UFpRdurK
m7bAJRujYP9nTd+x5gi/XDJxSaD4xvI72/szrcv6k34q4a2bXpXqQYHrRC86n0Ig
TlhioSPVTg/7U2LQBh/lyIIw87Q6Edqbob5iPuiF6kgjnezC+6p0GqGLaVdAeOsZ
feYGq42ovZ/cewTN6BigmSX68Y8c0ZVoR9p8jyMtgX/xFQuib5folyXScYbMzoDw
CsFx1ooFBL591Vo0vtPGawGojvYcjbe7ckgTNde7egkujkC62c7W5lUGL6s/1YkA
TAQYEQIADAUCRnBeGgUbDAAAAAAKCRCnoqKMDip59doCAKDP6Bkq9Ex5xietwFgG
GsqUHl6IugCcDsY/8NjGvjptO4xq6uLMvkNlgbs=
=fjor
-----END PGP PUBLIC KEY BLOCK-----
Support Center Log In »
Please contact Aruba’s Wireless Security Incident Response Team (WSIRT) if there is a security problem affecting users connected to an Aruba product.
wsirt@arubanetworks.com
Recent Advisories
- AID-122207:
Aruba Mobility Controller User Authentication Vulnerability (2007/12/22) - AID-090407:
Aruba Mobility Controller Management Interface Session Cookie Vulnerability (2007/09/04) - AID-070907b:
Aruba Mobility Controller Management Interface Login Pages Cross-Site Scripting (2007/09/03) - AID-021307b:
Mobility Controller Management Interface Buffer Overflow (2007/02/13) - AID-021307:
Aruba Mobility Controller Guest User Privilege Escalation (2007/02/13) - AID-111405:
VPN ISAKMP Message Processing Denial of Service (2005/11/14) - AID-06142005:
SSH tunneling (port forwarding) through the Aruba devices is allowed (2005/06/14) - AID-05102005:
IPsec configurations may be vulnerable to information disclosure (2005/05/10)