Archive of Security Advisories
Advisories
- Aruba Mobility Controller Multiple Remote Code Execution Vulnerabilities – 09/03/2019
- Aruba Impact for CPU Side-Channel Attacks – 06/25/2019
- WPA3 Multiple Vulnerabilities – 04/16/2019
- Aruba Instant Multiple Vulnerabilities – 02/27/2019
- ClearPass Policy Manager Multiple Vulnerabilities – 11/07/2018
- Aruba BLE Radio Firmware Vulnerability – 10/18/2018
- Apache Struts Vulnerability in ClearPass Policy Manager – 08/24/2018
- Linux Kernel Vulnerabilities in ClearPass and AirWave – 08/24/2018
- Return Of Bleichenbacher's Oracle Threat (ROBOT) – 03/28/2018
- ClearPass Policy Manager Multiple Vulnerabilities – 03/21/2018
- Unauthorized Memory Disclosure through CPU Side-Channel Attacks ("Meltdown" and "Spectre") – 01/04/2018
- WPA2 Key Reinstallation Vulnerabilities (CVE-2017-13077) – 10/16/2017
- ArubaOS Multiple Vulnerabilities – 10/11/2017
- Multiple Vulnerabilities in 'dnsmasq' – 10/11/2017
- ClearPass Policy Manager Multiple Vulnerabilities – 09/27/2017
- Apache Struts Multiple Vulnerabilities – 09/11/2017
- HPE Aruba ClearPass Policy Manager, Multiple Vulnerabilities – 06/14/2017
- Aruba AirWave Glass, Remote Code Execution – 05/24/2017
- Aruba ClearPass Policy Manager, Multiple Vulnerabilities – 05/24/2017
- Apache Struts Remote Code Execution Vulnerability – 03/10/2017
- AirWave Management Platform Multiple Vulnerabilities – 01/18/2017
- "Dirty Cow" Linux Kernel Vulnerability (CVE-2016-5195) – 11/04/2016
- ClearPass Policy Manager Multiple Vulnerabilities – 09/21/2016
- ClearPass Policy Manager Multiple Vulnerabilities – 06/01/2016
- ArubaOS Multiple Vulnerabilities – 05/11/2016
- ClearPass Policy Manager Multiple Vulnerabilities – 05/11/2016
- ArubaOS PAPI Vulnerabilities – 05/04/2016
- Aruba Instant Multiple Vulnerabilities – 05/04/2016
- AirWave Management Platform Multiple Vulnerabilities – 05/04/2016
- SAMR and LSA man in the middle attacks ("BADLOCK") – 04/22/2016
- OpenSSL Multiple Vulnerabilities (March 2016) – 03/03/2016
- glibc getaddrinfo() Stack-Based Buffer Overflow – 02/18/2016
- ArubaOS Multiple Vulnerabilities – 11/30/2015
- Network Time Protocol Daemon (NTPD) Multiple Vulnerabilities – 11/30/2015
- ClearPass Policy Manager Multiple Vulnerabilities – 08/20/2015
- OpenSSL Alternative chains certificate forgery – 07/10/2015
- OpenSSL Multiple Vulnerabilities (19 March 2015) – 03/26/2015
- ClearPass Policy Manager Multiple Vulnerabilities – 03/25/2015
- AirWave Multiple Vulnerabilities – 03/18/2015
- Aruba Remote Access Point (RAP) Command Injection – 03/18/2015
- OpenSSL Multiple Vulnerabilities (08 January 2015) – 02/05/2015
- Buffer Overflow in glibc, aka “GHOST” – 02/05/2015
- Aruba Instant (IAP) Wireless DoS Attack – 01/27/2015
- Airwave Privilege Escalation and CPPM SQL Injection (CVE-2014-8367, CVE-2014-8368) – 11/19/2014
- Aruba ClearPass Multiple Vulnerabilities (October 2014) – 10/28/2014
- SSL 3.0 “POODLE” Attack – 10/14/2014
- ArubaOS Authentication Bypass Vulnerability – 10/07/2014
- GNU bash Shell Multiple Vulnerabilities – 09/25/2014
- OpenSSL Multiple Vulnerabilities (August 2014) – 08/18/2014
- SQL Injection and Credential Disclosure Vulnerability in Aruba Networks ClearPass Policy Manager – 07/03/2014
- OpenSSL Multiple Vulnerabilities (CVE-2014-0224) – 06/06/2014
- Apache Struts2 Vulnerabilities (CVE-2014-0050, CVE-2014-0094, CVE-2014-0112, CVE-2014-0113) in ClearPass Policy Manager – 05/14/2014
- Privilege Elevation Vulnerabilities (CVE-2014-2071, CVE-2014-2101) in ClearPass Policy Manager – 05/02/2014
- OpenSSL 1.0.1 library (Heartbleed) vulnerability (CVE-2014-0160) – 04/08/2014
- Apache Struts2 Vulnerability in Aruba Networks ClearPass Policy Manager (CVE-2013-2248, CVE-2013-2251) – 08/01/2013
- Sponsor Confirmation Approval Bypass Vulnerability in Aruba Networks ClearPass Guest product – 05/08/2013
- Multiple Vulnerabilities in OpenSSL (CVE-2013-0169, CVE-2013-0166) – 04/26/2013
- Multiple advisories: OS command injection in RAP web interface and 802.1X EAP-TLS User Authentication Bypass Vulnerability. – 03/19/2012
- Cross Site Scripting vulnerability in ArubaOS Administration WebUI – 03/18/2012
- Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces – 06/07/2011
- Aruba Mobility Controller – multiple advisories: DoS and authentication bypass – 01/31/2011
- TLS Protocol Session Renegotiation Security Vulnerability – 02/08/2010
- Malformed 802.11 Association Request frame causes Denial of Service condition on an Access Point – 10/26/2009
- Management User Authentication Bypass Vulnerability When Using Public Key Based SSH Authentication – 04/23/2009
- DoS Vulnerability in Aruba Mobility Controller Caused by Malformed EAP Frame – 12/08/2008
- Aruba Mobility Controller TACACS User Authentication and Cross Site Scripting Vulnerabilities – 05/14/2008
- Aruba Mobility Controller User Authentication Vulnerability – 12/22/2007
- Aruba Mobility Controller Management Interface Session Cookie Vulnerability – 09/04/2007
- Aruba Mobility Controller Management Interface Login Pages Cross-Site Scripting – 09/03/2007
- Mobility Controller Management Interface Buffer Overflow – 02/13/2007
- Aruba Mobility Controller Guest User Privilege Escalation – 02/13/2007
- VPN ISAKMP Message Processing Denial of Service – 11/13/2005
- SSH Tunneling (Port Forwarding) Through the Aruba Devices is Allowed – 06/14/2005
- IPsec Configurations May Be Vulnerable to Information Disclosure – 05/10/2005
- Risk of Multiple Denial of Service Attacks Using Modified ICMP Packets – 04/19/2005
- Aruba Switches are Vulnerable to a PPTP Exploit – 02/10/2005
- ISC DHCP Contains C Includes That Define “vsnprintf” to “vsprintf” Creating Potential Buffer Overflow Conditions – 06/15/2004
- ISC DHCPD Contains a Stack Buffer Overflow Vulnerability in Handling Log Lines Containing ASCII Characters Only – 06/14/2004
- IEEE 802.11 Wireless Network Protocol DSSS CCA Algorithm Vulnerable to Denial of service – 04/17/2004
- SSH Vulnerabilities – 11/18/2003